Re: Using applications on server

  • From: "Mark Strangways" <strangconst@xxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Sat, 16 Mar 2002 22:06:52 -0500

U all are making me VERY nervous with your talk of lock downs.
Makes me wanna check my logs.
----- Original Message -----
From: "Jim Harrison" <jim@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Saturday, March 16, 2002 9:55 PM
Subject: [isalist] Re: Using applications on server


> http://www.ISAserver.org
>
>
> That's why I advocate the ISA's "deny all except that which I specify"
> default policy.
> Nothing passes except what I choose to allow.
> I'm just a little anal (rectal; colonial?) when it comes to my paid
> bandwidth...
>
> Jim Harrison
> MCP(NT4, W2K), A+, Network+, PCG
> http://isaserver.org/authors/harrison/
> Read the books!
> ----- Original Message -----
> From: "Thomas W. Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Saturday, March 16, 2002 5:42 PM
> Subject: [isalist] Re: Using applications on server
>
>
> http://www.ISAserver.org
>
>
> Hi Jim,
>
> The more I see of this, the more adamant I'm becoming.  Look at this
> crud generated in just 58 seconds from ONE user! Of course, the result
> code is satisfying :-)
>
> 192.168.1.145, user1001, Kazaa.exe:3:5.0, -, 3/16/2002, 19:35:07, -, -,
> -, -, 24.158.72.98, 1214, 200, 0, 0, 1214, TCP, Connect, -, -, -, 13301,
> -, block user1001, Allow All Users, 10, 19
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:07, -,
> -, -, -, 24.159.36.121, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 20
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:08, -,
> -, -, -, 65.95.193.156, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 21
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:09, -,
> -, -, -, 12.219.44.189, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 22
> 192.168.1.145, user1001, Kazaa.exe:3:5.0, -, 3/16/2002, 19:35:10, -, -,
> -, -, 24.60.93.236, 1214, 70, 0, 0, 1214, TCP, Connect, -, -, -, 13301,
> -, block user1001, Allow All Users, 10, 23
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:10, -,
> -, -, -, 68.33.82.115, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 24
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:11, -,
> -, -, -, 12.227.2.195, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 25
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:12, -,
> -, -, -, 66.73.197.52, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 26
> 192.168.1.145, user1001, Kazaa.exe:3:5.0, -, 3/16/2002, 19:35:12, -, -,
> -, -, 12.254.236.116, 1214, 60, 0, 0, 1214, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 10, 27
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:13, -,
> -, -, -, 66.25.252.148, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 28
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:14, -,
> -, -, -, 24.187.169.139, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 29
> 192.168.1.145, user1001, Kazaa.exe:3:5.0, -, 3/16/2002, 19:35:15, -, -,
> -, -, 12.224.84.116, 1214, 70, 0, 0, 1214, TCP, Connect, -, -, -, 13301,
> -, block user1001, Allow All Users, 10, 30
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:15, -,
> -, -, -, 12.234.81.86, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 31
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:16, -,
> -, -, -, 24.66.145.102, 12205, -, 0, 0, 12205, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 32
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:17, -,
> -, -, -, 24.217.193.26, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 33
> 192.168.1.145, user1001, Kazaa.exe:3:5.0, -, 3/16/2002, 19:35:18, -, -,
> -, -, 168.122.204.101, 1214, 70, 0, 0, 1214, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 10, 34
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:18, -,
> -, -, -, 172.150.221.16, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 35
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:19, -,
> -, -, -, 12.245.52.203, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 36
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:20, -,
> -, -, -, 66.74.119.184, 6347, -, 0, 0, 6347, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 37
> 192.168.1.145, user1001, Kazaa.exe:3:5.0, -, 3/16/2002, 19:35:21, -, -,
> -, -, 12.236.70.99, 1214, 70, 0, 0, 1214, TCP, Connect, -, -, -, 13301,
> -, block user1001, Allow All Users, 10, 38
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:21, -,
> -, -, -, 66.176.89.75, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 39
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:22, -,
> -, -, -, 65.34.254.171, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 40
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:23, -,
> -, -, -, 62.107.72.92, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 41
> 192.168.1.145, user1001, Kazaa.exe:3:5.0, -, 3/16/2002, 19:35:23, -, -,
> -, -, 12.243.151.17, 1214, 60, 0, 0, 1214, TCP, Connect, -, -, -, 13301,
> -, block user1001, Allow All Users, 10, 42
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:24, -,
> -, -, -, 67.34.184.116, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 43
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:25, -,
> -, -, -, 12.218.153.130, 6387, -, 0, 0, 6387, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 44
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:26, -,
> -, -, -, 204.118.186.30, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 46
> 192.168.1.145, user1001, Kazaa.exe:3:5.0, -, 3/16/2002, 19:35:26, -, -,
> -, -, 64.106.92.104, 1214, 160, 0, 0, 1214, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 10, 45
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:27, -,
> -, -, -, 24.70.67.171, 6350, -, 0, 0, 6350, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 47
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:28, -,
> -, -, -, 24.79.6.30, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -, 13301,
> -, block user1001, Allow All Users, 11, 48
> 192.168.1.145, user1001, Kazaa.exe:3:5.0, -, 3/16/2002, 19:35:29, -, -,
> -, -, 65.32.211.218, 1214, 60, 0, 0, 1214, TCP, Connect, -, -, -, 13301,
> -, block user1001, Allow All Users, 10, 49
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:29, -,
> -, -, -, 142.179.26.199, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 50
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:30, -,
> -, -, -, 24.79.29.46, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -, 13301,
> -, block user1001, Allow All Users, 11, 51
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:31, -,
> -, -, -, 68.45.172.148, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 52
> 192.168.1.145, user1001, Kazaa.exe:3:5.0, -, 3/16/2002, 19:35:32, -, -,
> -, -, 129.21.152.193, 1214, 531, 0, 0, 1214, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 10, 53
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:32, -,
> -, -, -, 66.65.42.22, 6410, -, 0, 0, 6410, TCP, Connect, -, -, -, 13301,
> -, block user1001, Allow All Users, 11, 54
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:33, -,
> -, -, -, 24.72.59.50, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -, 13301,
> -, block user1001, Allow All Users, 11, 55
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:34, -,
> -, -, -, 4.41.137.238, 6346, 10, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 56
> 192.168.1.145, user1001, Kazaa.exe:3:5.0, -, 3/16/2002, 19:35:35, -, -,
> -, -, 12.219.28.253, 1214, 70, 0, 0, 1214, TCP, Connect, -, -, -, 13301,
> -, block user1001, Allow All Users, 10, 57
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:35, -,
> -, -, -, 35.11.130.99, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 58
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:36, -,
> -, -, -, 24.25.92.49, 6387, -, 0, 0, 6387, TCP, Connect, -, -, -, 13301,
> -, block user1001, Allow All Users, 11, 59
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:37, -,
> -, -, -, 204.118.186.30, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 60
> 192.168.1.145, user1001, Kazaa.exe:3:5.0, -, 3/16/2002, 19:35:38, -, -,
> -, -, 168.122.168.26, 1214, 80, 0, 0, 1214, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 10, 61
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:38, -,
> -, -, -, 65.66.21.135, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 62
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:39, -,
> -, -, -, 172.182.157.186, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 63
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:40, -,
> -, -, -, 24.81.74.108, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 64
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:41, -,
> -, -, -, 216.78.107.68, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 66
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:42, -,
> -, -, -, 213.7.94.82, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -, 13301,
> -, block user1001, Allow All Users, 11, 67
> 192.168.1.145, user1001, Kazaa.exe:3:5.0, -, 3/16/2002, 19:35:42, -, -,
> -, -, 129.119.179.17, 1214, 2053, 0, 0, 1214, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 10, 65
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:43, -,
> -, -, -, 12.230.22.103, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 68
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:44, -,
> -, -, -, 65.28.72.104, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 69
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:45, -,
> -, -, -, 172.193.184.66, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 71
> 192.168.1.145, user1001, Kazaa.exe:3:5.0, -, 3/16/2002, 19:35:45, -, -,
> -, -, 168.122.249.229, 1214, 80, 0, 0, 1214, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 10, 70
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:46, -,
> -, -, -, 141.155.57.18, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 72
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:47, -,
> -, -, -, 68.56.105.159, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 73
> 192.168.1.145, user1001, Kazaa.exe:3:5.0, -, 3/16/2002, 19:35:48, -, -,
> -, -, 140.192.175.133, 1214, 90, 0, 0, 1214, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 10, 74
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:48, -,
> -, -, -, 68.60.184.134, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 75
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:49, -,
> -, -, -, 65.26.82.169, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 76
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:50, -,
> -, -, -, 165.247.164.109, 6346, 10, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 77
> 192.168.1.145, user1001, Kazaa.exe:3:5.0, -, 3/16/2002, 19:35:51, -, -,
> -, -, 24.91.86.194, 1214, 60, 0, 0, 1214, TCP, Connect, -, -, -, 13301,
> -, block user1001, Allow All Users, 10, 78
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:51, -,
> -, -, -, 65.27.149.85, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 79
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:52, -,
> -, -, -, 142.163.166.110, 6411, 150, 0, 0, 6411, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 80
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:53, -,
> -, -, -, 217.226.205.44, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 81
> 192.168.1.145, user1001, Kazaa.exe:3:5.0, -, 3/16/2002, 19:35:54, -, -,
> -, -, 132.236.54.230, 1214, 120, 0, 0, 1214, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 10, 82
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:54, -,
> -, -, -, 24.114.39.91, 6346, 110, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 83
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:56, -,
> -, -, -, 128.42.6.31, 6346, 10, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 84
> 192.168.1.145, user1001, Kazaa.exe:3:5.0, -, 3/16/2002, 19:35:57, -, -,
> -, -, 24.88.101.159, 1214, 80, 0, 0, 1214, TCP, Connect, -, -, -, 13301,
> -, block user1001, Allow All Users, 10, 85
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:57, -,
> -, -, -, 216.189.1.155, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 86
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:58, -,
> -, -, -, 207.175.219.173, 6346, 10, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 87
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:35:59, -,
> -, -, -, 12.231.119.87, 6346, 70, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 88
> 192.168.1.145, user1001, Kazaa.exe:3:5.0, -, 3/16/2002, 19:36:00, -, -,
> -, -, 24.52.184.146, 1214, 10, 0, 0, 1214, TCP, Connect, -, -, -, 13301,
> -, block user1001, Allow All Users, 10, 89
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:36:00, -,
> -, -, -, 216.117.92.204, 6346, 110, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 90
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:36:01, -,
> -, -, -, 65.97.12.144, 6346, 70, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 91
> 192.168.1.145, user1001, Kazaa.exe:3:5.0, -, 3/16/2002, 19:36:03, -, -,
> -, -, 24.217.154.99, 1214, 70, 0, 0, 1214, TCP, Connect, -, -, -, 13301,
> -, block user1001, Allow All Users, 10, 92
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:36:04, -,
> -, -, -, 66.66.130.24, 6348, 60, 0, 0, 6348, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 94
> 192.168.1.145, user1001, morpheusp.exe:3:5.0, -, 3/16/2002, 19:36:05, -,
> -, -, -, 24.82.214.229, 6346, -, 0, 0, 6346, TCP, Connect, -, -, -,
> 13301, -, block user1001, Allow All Users, 11, 95
> 192.168.1.145, user1001, Kazaa.exe:3:5.0, -, 3/16/2002, 19:36:05, -, -,
> -, -, 24.96.58.244, 1214, 100, 0, 0, 1214, TCP, Connect, -, -, -, 13301,
> -, block user1001, Allow All Users, 10, 96
>
> -----Original Message-----
> From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
> Sent: Saturday, March 16, 2002 6:22 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: Using applications on server
>
> http://www.ISAserver.org
>
>
> I totally agree with both of you (ask my daughter about what happened
> when I
> discovered morpheus entries in my FW logs).
> That's why I don't offer specific answer to "how do I" for them.
> That way I don't get into the "I have a right to" discussions with
> anyone.
>
> Jim Harrison
> MCP(NT4, W2K), A+, Network+, PCG
> http://isaserver.org/authors/harrison/
> Read the books!
> ----- Original Message -----
> From: "Joseph" <cismic@xxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Saturday, March 16, 2002 1:47 PM
> Subject: [isalist] Re: Using applications on server
>
>
> http://www.ISAserver.org
>
>
> Hi Tom,
>
> I have a 19 year old. I'm the resident "FAN" man for my two brothers and
> their kids!  They think I'm too paranoid about these things.  I tell you
> I don't like programs to snoop on what I'm doing.  I have nothing to
> hide but it is none of their business.
>
> One of the largest portals on file sharing programs is
> http://www.zeropaid.com/.  There is some good information on what they
> are. You would be surprised at how many of them there are!
>
> I did a presentation at MS 2 years ago on common sense security. That
> covered programs like ICQ, mIRC, and what to do to protect your self
> from this type of intrusion. So, many people want these on a system.  I
> should dig that out and email to you.  It is basically pretty simple and
> talks about things that most people take for granted. Heck I don't even
> accept *.exe's from any one any more.
>
> Here are some interesting links on file sharing programs that I have in
> my favorites section:
> http://www.masternewmedia.com/issue7/share.htm
> http://www.usewisdom.com/weblog/peer.html
> http://www.scumware.com/
>
> With most of these services you can block the ports that they use. With
> lime wire the biggest port to block is. 8989, 3289 etc.  I think I
> should add the task of finding out all the ports that the shareware
> programs use.
>
> Joseph
>
>
> -----Original Message-----
> From: Thomas W. Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
> Sent: Saturday, March 16, 2002 1:21 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: Using applications on server
>
> http://www.ISAserver.org
>
>
> Hi Joseph,
>
> This is a very big issue for those that run "Family Area Networks"
> (FANs), especially the fact that they kids install this stuff and the
> parents have no ideas what's going on. Unfortunately, I belong to that
> group right now, because I'm not well versed on exactly how these
> Scumware products work. I assume that all those dropped packets on my
> external interface are due to other Kaaza and Morpheus users attempting
> to create new (non-ACK) connections to my external interface because the
> file sharing program has shared the contents of a particular folder on
> the user's hard disk? You would have to open are particular port or
> ports by creating a server publishing rules for external users to create
> a new connection, wouldn't you?
>
> The Spyware, virus and Trojan issue is a big one too. Kids aren't  too
> security minded because they think the world is a pretty bright and
> cheery place :-). It's good for kids to think that way because they
> should enjoy being kids before becoming neurotic later in life.
>
> BTW -- do you know if there are any good resources that give the details
> on how these app's work?
>
> Thanks!
>
> Tom
>
> -----Original Message-----
> From: Joseph [mailto:cismic@xxxxxxx]
> Sent: Saturday, March 16, 2002 2:54 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: Using applications on server
>
> http://www.ISAserver.org
>
>
> Hello all,
>
> File sharing programs.  I don't like all the hidden things that they
> could install on your system.  There are so many out there now. Bear
> shear, Limewire, and of course the daddy of them all napster.
>
> Not only do they buildup lots of log file data improperly configured
> installing of these products open up the users system to potential
> abuse.
> For example if the system was setup at a root directory c:\ all the
> documents in the root directory could be available for searching. And,
> If I searched on *.doc or *.xls those files do appear for download.  Now
> what happens if I get your credit card information or bank statements?
> The first thing I guess would be user education.  But, it is the kids
> that usually load that software and parents don't have a clue.
>
> It's not necessarily the ports that I would worry about but more the key
> strokes logged and what files were downloaded. Some of the new
> installation programs install spy ware on the computers in use and
> transmit that back to a host system.
>
> Joseph
>
> -----Original Message-----
> From: Thomas W. Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
> Sent: Saturday, March 16, 2002 11:55 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: Using applications on server
>
> http://www.ISAserver.org
>
>
> Hi Jim,
>
> I can't say enough about how much I hate file sharing programs :-() Our
> son came over to stay for a few days and decided that he wanted to use
> Kaaza and Morpheus. Our Firewall and packet filter logs for our SOHO
> usually run about 4-5 MBs/day.
>
> I opened things up a bit so that he could use Kaaza and Morpheus, and
> our firewall and packet filter logs for each of those days were over 40
> MB!!! That was just one user. Can you imagine if you had a network of
> users using that cr*p? It boggles the mind.
>
> Thanks for listening :-)
>
> Tom
> www.isaserver.org/shinder
>
>
> -----Original Message-----
> From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
> Sent: Saturday, March 16, 2002 1:33 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: Using applications on server
>
> http://www.ISAserver.org
>
>
> The first rule of firewalls is:
>     Don't use them for anything else
> If you can place your file sharing app inside the firewall, you'll be
> much
> happier and safer.
> Applications running on the ISA need packet filters to access the
> Internet
> (unless they understand proxy settings).
> Protocol rules allow internal hosts to get out, but don't have any
> bearing
> on apps running on the ISA itself.
>
> Jim Harrison
> MCP(NT4, W2K), A+, Network+, PCG
> http://isaserver.org/authors/harrison/
> Read the books!
> ----- Original Message -----
> From: "Paul Duthie" <duthie.paul.j@xxxxxxxxxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Thursday, March 14, 2002 7:50 PM
> Subject: [isalist] Using applications on server
>
>
> http://www.ISAserver.org
>
>
> Hello Folks,
>
> I'm wanting to run some file sharing apps on my ISA server (which is
> connected to a cable modem) so that I can use my computer for other
> things. However, none of them seem to be able to connect through the
> firewall when they can connect through the firewall from the
> workstations. Any ideas ?
>
>
> --
> Best regards,
> Paul Duthie                     duthie.paul.j@xxxxxxxxxxxxxxxxxx
> Network Manager,
> Ballarat High School            www.ballaraths.vic.edu.au
> Sent Using The Bat! Version 1.54 Beta/45
>
>
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>
>
>
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> cismic@xxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>
>
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> cismic@xxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>
>
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>
>
>
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>
>
>
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
strangconst@xxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')



Other related posts: