RE: Stop me before I jump...

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Thu, 22 Jan 2004 17:06:28 -0600

Hi Amy,
 
The thing that gets me is that the term is useless and meaningless and leads to 
uneeded confusion.
 
The tech support guy who says "open ports 1, 2 and 3". OK, first there is no 
open port button. Second, there is no directionality to the statement. Third, 
there is no source or destination port information in the statement. Fourth, 
there is no indication of whether this is a primary to secondary connection. 
Fifth, it says nothing about things like the app layer protocol embedding 
private addresses in the comm stream.
 
The "open a port" concept comes from people who have no idea what's going on. 
They imagine that the firewall is a wall with a series of serrated circles on 
it, and each of these circles has a number. Now, to open port 3, you just punch 
is out and "stuff" (not otherwise specified) flows through it. Too bad things 
don't work that way, otherwise the Open Port Button [patent pending] would be a 
useful thing and not something used for comic relief :)
 
Thanks!
Tom

  _____  

From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx] 
Sent: Wednesday, January 21, 2004 3:04 PM
To: [ISAserver.org Discussion List]
Subject: RE: [isalist] Stop me before I jump...


Yes, well the information is uesful for those of us that have to support 
non-ISA firewall configurations. Beleive me I hate that my only options on a 
symantec firewall/VPN thingy are open or non-existant. Talk about a security 
problem waiting to happen. Such is the life of a consultant.
 
Amy

  _____  

From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Wed 1/21/2004 3:58 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Stop me before I jump...


http://www.ISAserver.org
http://www.ISAserver.org

From the Windows 2003 Help File:
 
"To use Remote Assistance through a firewall
Remote Assistance uses the Remote Desktop Protocol (RDP) to establish a 
connection between a user requesting help and an assistant providing it. The 
RDP uses TCP port 3389 for this connection. To allow users within an 
organization to request help outside your organization using Remote Assistance, 
port 3389 must be open at the firewall. To prohibit users from requesting help 
outside the organization, this port should be closed at the firewall."

...where is that dreaded Open Port[Patent Pending] button?...
 
Thomas W Shinder
www.isaserver.org/shinder <http://www.isaserver.org/shinder>  
  <http://www.microsoft.com/isaserver/beta/default.asp> 
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp <http://tinyurl.com/1llp> 

 
 
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=alist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?typeúQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
amy@xxxxxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=alist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?typeúQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
amy@xxxxxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

GIF image

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 01-2004