RE: Add these to your "must do" for your ISA
- From: Alexandre Gauthier <gauthiera@xxxxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 4 Oct 2005 08:45:44 -0400
Hairy kiwis
_____
De : Steve Moffat [mailto:steve@xxxxxxxxxx]
Envoyé : 2 octobre 2005 22:40
À : [ISAserver.org Discussion List]
Objet : [isalist] RE: Add these to your "must do" for your ISA
http://www.ISAserver.org
fruitcake
_____
From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx]
Sent: Sunday, October 02, 2005 11:37 PM
To: ISA Mailing List
Subject: [isalist] RE: Add these to your "must do" for your ISA
http://www.ISAserver.org
hot apples
_____
From: Steve Moffat [mailto:steve@xxxxxxxxxx]
Sent: Monday, October 03, 2005 12:15 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Add these to your "must do" for your ISA
http://www.ISAserver.org
Cool banana's...:>))
_____
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Sunday, October 02, 2005 8:36 PM
To: ISA Mailing List
Subject: [isalist] Add these to your "must do" for your ISA
http://www.ISAserver.org
It may have gone overlooked in the general melee of postings, but I had
posted these before and thought them worth reiterating...
- Tired of the ISA sending NetBT broadcasts when DNS lookups fail?
This setting:
HKLM\SystemCurrentControlSet\Services\NetBT\Parameters NodeType, DWORD, 0x2
..will cure that.
By setting this to a value of 2, You're telling Windows to limit its name
lookup efforts to defined DNS and WINS servers.
As a result, Windows will no longer wait for NetBT broadcasts to fail before
reporting a name lookup failure.
Can you say "faster lookup responses and therefore faster connections (or
failures)", boys and girls?
- MS05-019 fixed an ICMP MTU vulnerability that existed in Windows.
Because the ISA team was aware of this issue before ISA 2004 shipped, they
opted to give you a "safe by default" configuration since they had no idea
if or when the Windows issue might be fixed.
Unfortunately, it also has the unfortunate side effect of limiting Windows
to 576-byte packets on all interfaces, reducing network efficiency
This setting:
HKLM\SystemCurrentControlSet\Services\Tcpip\Parameters EnablePMTUDiscovery,
DWORD, 0x0
..is what the ISA installer creates.
This setting:
HKLM\SystemCurrentControlSet\Services\Tcpip\Parameters EnablePMTUDiscovery,
DWORD, 0x1
..is what will remove this protection (or you can delete the
"EnablePMTUDiscovery" value).
Both settings require a machine reboot to take effect.
Both settings will clean up your network traffic a bit.
Have fun!
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
isalist@xxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
greg@xxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
_____
<http://haggishunt.scotsman.com/haggisclopedia.cfm?part=5> The correct
technical term for haggis stalking is "havering".
_____
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
isalist@xxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gauthiera@xxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
