Re: MS-Blast scripts
- From: "Mark Hippenstiel" <M.Hippenstiel@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 15 Aug 2003 01:01:58 +0200
sheik yerbuti, f.z. ;))))
> -----Original Message-----
> From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
> Sent: Friday, August 15, 2003 12:54 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: MS-Blast scripts
>
>
> http://www.ISAserver.org
>
>
> The other side of that particular coin is Black Ice Defender.
> It's a host-based IDS that also reports back to a "Central
> Scrutinizer" (three anti-social points for the correct quote
> identification) for attack and attacker identification.
> Pretty slick toy.
>
> Jim Harrison
> MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver
> http://isaserver.org/Jim_Harrison
> http://isatools.org
>
> Read the help, books and articles!
> ----- Original Message -----
> From: "Mark Hippenstiel" <M.Hippenstiel@xxxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Thursday, August 14, 2003 15:32
> Subject: [isalist] Re: MS-Blast scripts
>
>
> http://www.ISAserver.org
>
>
> In short words, because it's already too late over here and I
> need a good boy's sleep: you're right.
>
> I took a glance at NAI's Intrushield which introduces a so
> called Virtual IDS. Of course, Intrushield is an IDS
> appliance and does other things than ISA, but the concept of
> virtual segments that are being monitored is appealing.
>
> Mark
>
> > -----Original Message-----
> > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
> > Sent: Friday, August 15, 2003 12:12 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] Re: MS-Blast scripts
> >
> >
> > http://www.ISAserver.org
> >
> >
> > Hi Mark,
> >
> > Actually, you have a good point. The time is near when we
> need an ISA
> > like device on every system. That is, a smart layer 7 sophisticated
> > firewall. Not a pixoid packet filter, but an ISA that can
> examine the
> > application layer headers and data. Microsoft is a software
> company,
> > they understand software, and layer 7 is all about app software. If
> > anyone can do it right, its going to be Microsoft. Cisco is good at
> > fast, but all that accomplishes is passing exploits faster
> > than anyone else.
> >
> > In fact, personal firewalls do perform such a function
> already. But
> > most of them, from my experience, cause more problems than
> they fix.
> > The exception, again in my experience, is the unfairly
> maligned ICF.
> > Its very transparent and blocks unsolicited inbound
> requests. You have
> > to go out of your way to allow inbound connections, but at
> > least you can do that.
> >
> > (Check out the lamer "firewall feature" included with the Windows
> > Server 2003 RRAS. It'll block unsolicited inbound requests, but you
> > can forget about reverse NAT. ICF is more sophisticated
> than the RRAS
> > firewall
> > "service")
> >
> > The personal firewall needs to have a central policy, so that you
> > essentially extend the ISA features to the desktops and
> other devices.
> > The would also have reporting mechanism like ISA and feed this
> > information to the central reporting system. You can see where I'm
> > going with this! Servers would also have a similar "satellite"
> > firewall system. ISA can be the hub firewall system that manages,
> > reports, and updates the satellite firewall systems.
> >
> > Sound good so far?
> >
> > :-)
> > Tom
> >
> > Thomas W Shinder
> > www.isaserver.org/shinder
> > ISA Server and Beyond: http://tinyurl.com/1jq1
> > Configuring ISA Server: http://tinyurl.com/1llp
> >
> >
> >
> >
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory:
> http://www.serverfiles.com No.1 Exchange > Server Resource
> Site: http://www.msexchange.org Windows Security Resource
> Site: http://www.windowsecurity.com/ Network Security
> Library: http://www.secinf.net/ Windows 2000/NT Fax
> Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email
> to $subst('Email.Unsub')
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory:
> http://www.serverfiles.com No.1 Exchange > Server Resource
> Site: http://www.msexchange.org Windows Security Resource
> Site: http://www.windowsecurity.com/ Network Security
> Library: http://www.secinf.net/ Windows 2000/NT Fax
> Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as: m.hippenstiel@xxxxxxxxxxxx To unsubscribe send a
> blank email to $subst('Email.Unsub')
>
Other related posts:
