"Shoe horn" springs to mind...
http://www.ISAserver.org
Generally, I eschew utensils, but mostly, I chew food, although I don't shoe animals...
------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! -------------------------------------------------------
-----Original Message----- From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] Sent: Monday, October 03, 2005 15:33 To: [ISAserver.org Discussion List] Subject: [isalist] RE: Add these to your "must do" for your ISA
http://www.ISAserver.org
No, I mean, really. I bet you eat your pizza with a fork. :-p
----- Original Message ----- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Monday, October 03, 2005 3:25 PM
Subject: [isalist] RE: Add these to your "must do" for your ISA
valuehttp://www.ISAserver.org
Almost, but no cigar. Here's another hint: "Good-night Doktor..."
------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! -------------------------------------------------------
-----Original Message----- From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] Sent: Monday, October 03, 2005 15:20 To: [ISAserver.org Discussion List] Subject: [isalist] RE: Add these to your "must do" for your ISA
http://www.ISAserver.org
You eat pizza with a fork, don't you?
----- Original Message ----- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Monday, October 03, 2005 3:00 PM
Subject: [isalist] RE: Add these to your "must do" for your ISA
http://www.ISAserver.org
If'n you aint gots one you gotta add it.
BTW - if you add the EnablePMTU.. value "Make Damnsure" you also got MS05-019 installed first.
3 anti-social points if you identify the quoted phrase...
------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! -------------------------------------------------------
-----Original Message----- From: Ray Dzek [mailto:Ray.Dzek@xxxxxxxxxxxxxxx] Sent: Monday, October 03, 2005 15:03 To: [ISAserver.org Discussion List] Subject: [isalist] RE: Add these to your "must do" for your ISA
http://www.ISAserver.org
So does that mean we should add a DWORD value of NodeType with athere?of 0x2 under Parameters - Or should there already be a NodeTypeas:'Cause I ain't got one. An-if I wuz supozed ta git one, I wants itnow.had
-----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Sunday, October 02, 2005 4:36 PM To: [ISAserver.org Discussion List] Subject: [isalist] Add these to your "must do" for your ISA
http://www.ISAserver.org
It may have gone overlooked in the general melee of postings, but IDWORD,posted these before and thought them worth reiterating...
- Tired of the ISA sending NetBT broadcasts when DNS lookups fail?
This setting:
HKLM\SystemCurrentControlSet\Services\NetBT\Parameters NodeType,had0x2
..will cure that.
By setting this to a value of 2, You're telling Windows to limit its name lookup efforts to defined DNS and WINS servers.
As a result, Windows will no longer wait for NetBT broadcasts to fail before reporting a name lookup failure.
Can you say "faster lookup responses and therefore faster connections (or failures)", boys and girls?
- MS05-019 fixed an ICMP MTU vulnerability that existed in Windows.
Because the ISA team was aware of this issue before ISA 2004 shipped, they opted to give you a "safe by default" configuration since theyno idea if or when the Windows issue might be fixed.
Unfortunately, it also has the unfortunate side effect of limiting Windows to 576-byte packets on all interfaces, reducing network efficiency
This setting:
HKLM\SystemCurrentControlSet\Services\Tcpip\Parameters EnablePMTUDiscovery, DWORD, 0x0
..is what the ISA installer creates.
This setting:
HKLM\SystemCurrentControlSet\Services\Tcpip\Parameters EnablePMTUDiscovery, DWORD, 0x1
..is what will remove this protection (or you can delete the "EnablePMTUDiscovery" value).
Both settings require a machine reboot to take effect.
Both settings will clean up your network traffic a bit.
Have fun!
------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion Listas:ray.dzek@xxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion Listas:http://www.webelists.com/cgi/lyris.pl?enter=isalistjim@xxxxxxxxxxxx To unsubscribe visitReport abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion Listhttp://www.webelists.com/cgi/lyris.pl?enter=isalist
http://www.webelists.com/cgi/lyris.pl?enter=isalistthor@xxxxxxxxxxxxxxx To unsubscribe visitReport abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visitReport abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as:
http://www.webelists.com/cgi/lyris.pl?enter=isalistthor@xxxxxxxxxxxxxxx To unsubscribe visitReport abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: thor@xxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx