RE: Protocol question

  • From: "Kenny Mann" <Kennymann@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Thu, 7 Apr 2005 15:51:33 -0500

"No - now you're responding to statements I never made."
I don't understand, what statement did you not make?
I copied and pasted directly from the email below.
If I did respond to something that you didn't type... Aww crap, sorry.

"1. takes several iterations to get him to exaplin what he's trying to
do"
Because of the backlash that you gave questions like this, people fear
it. Why? Because it's unproductive. Once everyone found out it was a
game, they could have simply stopped responding or said "Sorry, won't
help ya there."

Copied and pasted:
"-----Original Message-----
From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
Sent: Thursday, April 07, 2005 4:04 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Protocol question

http://www.ISAserver.org

I don't bleeping believe it. Or maybe I should.

A confounded on-line game.

Andrew, do you feel a little bit guilty since you did not state until
many posts later that it was an on-line game you were trying to get to
work?

On-line games and firewalls are almost mutually exclusive."

What's the difference between a game and any other piece of software
that goes online?
Want stupidity/ignorance to go away? Ignore them, but responding like
this... People don't tend to take kindly towards it. It hits on a
personal level. It feels like you just called him stupid or something.
Steve figured out how to do it in 20 minutes. Steve has how much
experience at this? How could you expect someone else to do this that
quick? One would think a firewall would be fairly simple to figure out.

"2. when offered the details of the protocols, he continues to ask the
same questions"
I can't help much there.


Kenny 

-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
Sent: Thursday, April 07, 2005 3:17 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Protocol question

http://www.ISAserver.org

No - now you're responding to statements I never made.
I never made comments about why he wanted to do this; only that it:
1. takes several iterations to get him to exaplin what he's trying to do
2. when offered the details of the protocols, he continues to ask the
same questions

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: Kenny Mann [mailto:nazadus@xxxxxxxxxxxxx]
Sent: Thursday, April 07, 2005 11:11
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Protocol question

http://www.ISAserver.org

"The point I was trying to make is that Andrew, when offered fishing
tackle, only repeated his demands for a fish.

I agree, however it seems that he has already tried those (Am I wrong?
He
did say he tried to open them... The FAQ only told him the information
he already knew). This feels like a "Hey, you need a spinner bait to
catch this kind of fish." after seeing, in his hand, a book on how to
catch that kind of fish mentioning the spinner bait. Wow, this feels
convaluted. I may be wrong here though.

"This, more than anything else, is what garners him my
less-than-friendly responses."

I disagree. I believe that when someone mentions they want to play a
game, the attitude changes towards "You idiot, you shouldn't do that.
Catch a clue". It's also quite possible it's just a communication
problem and some percieve it as a chewing out whereas some are just
trying to inform.
Such
things happen.

Steve:
"Andrew, the best way to do this, believe it or not, is put your pc in a
dmz that is wide open., then use xp firewall. "

This is going to sound stupid but I *really* hate relying on the
built-in windows firewall. I'm overly paranoid (justified or not, I am;
I don't know how it works or where it stocks the packets at, thusly I
don't trust it).
Perhaps placing it in a DMZ and perhaps placing that computer behind the
linkysys (double NAT?). Then again, I hate most software firewalls (ISA
being the *only* exception... And that's only because I was forced to
see the light; Perhaps I'll get over the WinXP firewall eventually...).
This would also allow him to have a separate business and personal side
to his firewall... This might let you (Andrew) sleep better at night.

/two cents.

Kenny 

-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Thursday, April 07, 2005 11:45 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Protocol question

http://www.ISAserver.org

You both raise valid points - if you pays your money, you can do
whatever you want with the product you purchased (within EULA limits, of
course).
There are some very strong opinions here regarding what you should allow
through a firewall.
The fact that Andy chooses to mix his tenses in his own environment is
his choice (and hard to defend when he tries to account for it come tax
time).

The point I was trying to make is that Andrew, when offered fishing
tackle, only repeated his demands for a fish.

This, more than anything else, is what garners him my less-than-friendly
responses.

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 
-----Original Message-----
From: Ball, Dan [mailto:DBall@xxxxxxxxxxx]
Sent: Thursday, April 07, 2005 09:30
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Protocol question

http://www.ISAserver.org

I have to agree with you, there is nothing stopping someone from
purchasing ISA server for home use (except maybe money) and wanting to
use it as their "personal" firewall.  And, as a result, there is no
reason why they can't use it for gaming, and request help in doing so.
I think it is a valid question, how to get a certain software program to
run through an ISA server, whatever the software program may be.  People
shouldn't have to hide what program it is simply to avoid
ridicule/flaming.

However, it also the right of the list managers to specify if they want
to provide support for such uses. If the people in charge of this
mailing list decide they don't want to discuss such topics, they can ban
it, but it should be clearly stated.

And don't get me started on that certification crap... *grin*

-----Original Message-----
From: Kenny Mann [mailto:nazadus@xxxxxxxxxxxxx]
Sent: Thursday, April 07, 2005 12:00
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Protocol question

http://www.ISAserver.org

So, does running IIS count as violation of a privacy statement too? What
about PHP on that web server? (Remember the PHP vuln recently?) Does
running
*any* software that is not 100% security guaranteed count towards
breaching the contract? (we all know that no software is secure...
Or at least, that should be our attitudes towards it... I think)

Personally, I'm caught (emotionally) towards your feelings and his.
I don't think I've ever heard of someone getting hacked *only* because
they played some online game. Usually it's from their web server or
running something not properly secured or something inherently insecure
piece of software.
Online games are not inherently insecure or you would hear about
people's machines being zombies because of this.

Am I missing something?
What I'm questioning is the validity of your statements because I don't
understand.  I'm also no security expert either, so perhaps I'm just
ignorant of something.

What this guy has is a mixed situation. He has ISA on a business AND
home network. Not everyone has Fortune 100 clients, so I'm sure they
know they are getting what they pay for (well, I'm going out on a limb
here... A flakey fhakey limb that may hurt me... But for the sake of a
good argument, because this has been brought up before). If ISA is
*only* for business, then perhaps Microsoft (and perhaps more on this
list) should advocate it as such.

Now, I do recall someone asking on the forums and their was a thread
about games that had a pretty comprehensive list...
It's been my experience (coming from a non-certified
person/admin/thing-a-ma-bopper) that getting ISA to let stuff out (IE:
open
port button) can be rather difficult because not everythign is obvious.
Yes, ideally, you want your admin certified, but not every company can
afford it (heck, they hired me when I knew *nothing* for crying out
loud!)

I'm not trying to attack you (sorry, if it comes off as such), John, but
I'm just trying to get the conversation a little deeper.


Kenny Mann 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
nazadus@xxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
kennymann@xxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx




Other related posts: