RE: Add these to your "must do" for your ISA

• From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Mon, 3 Oct 2005 15:25:42 -0700

Almost, but no cigar.
Here's another hint:
"Good-night Doktor..."

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] 
Sent: Monday, October 03, 2005 15:20
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Add these to your "must do" for your ISA

http://www.ISAserver.org

You eat pizza with a fork, don't you?

----- Original Message ----- 
From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Monday, October 03, 2005 3:00 PM
Subject: [isalist] RE: Add these to your "must do" for your ISA


> http://www.ISAserver.org
>
> If'n you aint gots one you gotta add it.
>
> BTW - if you add the EnablePMTU.. value "Make Damnsure" you also got
> MS05-019 installed first.
>
> 3 anti-social points if you identify the quoted phrase...
>
> -------------------------------------------------------
>   Jim Harrison
>   MCP(NT4, W2K), A+, Network+, PCG
>   http://isaserver.org/Jim_Harrison/
>   http://isatools.org
>   Read the help / books / articles!
> -------------------------------------------------------
>
>
> -----Original Message-----
> From: Ray Dzek [mailto:Ray.Dzek@xxxxxxxxxxxxxxx]
> Sent: Monday, October 03, 2005 15:03
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Add these to your "must do" for your ISA
>
> http://www.ISAserver.org
>
> So does that mean we should add a DWORD value of NodeType with a value
> of 0x2 under Parameters - Or should there already be a NodeType there?
> 'Cause I ain't got one.  An-if I wuz supozed ta git one, I wants it
now.
>
>
> -----Original Message-----
> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
> Sent: Sunday, October 02, 2005 4:36 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Add these to your "must do" for your ISA
>
> http://www.ISAserver.org
>
>
> It may have gone overlooked in the general melee of postings, but I
had
> posted these before and thought them worth reiterating...
>
>
>
> - Tired of the ISA sending NetBT broadcasts when DNS lookups fail?
>
> This setting:
>
> HKLM\SystemCurrentControlSet\Services\NetBT\Parameters NodeType,
DWORD,
> 0x2
>
> ..will cure that.
>
> By setting this to a value of 2, You're telling Windows to limit its
> name lookup efforts to defined DNS and WINS servers.
>
> As a result, Windows will no longer wait for NetBT broadcasts to fail
> before reporting a name lookup failure.
>
> Can you say "faster lookup responses and therefore faster connections
> (or failures)", boys and girls?
>
>
>
> - MS05-019 fixed an ICMP MTU vulnerability that existed in Windows.
>
> Because the ISA team was aware of this issue before ISA 2004 shipped,
> they opted to give you a "safe by default" configuration since they
had
> no idea if or when the Windows issue might be fixed.
>
> Unfortunately, it also has the unfortunate side effect of limiting
> Windows to 576-byte packets on all interfaces, reducing network
> efficiency
>
> This setting:
>
> HKLM\SystemCurrentControlSet\Services\Tcpip\Parameters
> EnablePMTUDiscovery, DWORD, 0x0
>
> ..is what the ISA installer creates.
>
> This setting:
>
> HKLM\SystemCurrentControlSet\Services\Tcpip\Parameters
> EnablePMTUDiscovery, DWORD, 0x1
>
> ..is what will remove this protection (or you can delete the
> "EnablePMTUDiscovery" value).
>
>
>
> Both settings require a machine reboot to take effect.
>
> Both settings will clean up your network traffic a bit.
>
>
>
>
>
> Have fun!
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> ray.dzek@xxxxxxxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> All mail to and from this domain is GFI-scanned.
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx
> To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> All mail to and from this domain is GFI-scanned.
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:

> thor@xxxxxxxxxxxxxxx
> To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> 


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.

Other related posts:

• » Add these to your "must do" for your ISA
• » RE: Add these to your "must do" for your ISA
• » RE: Add these to your "must do" for your ISA
• » RE: Add these to your "must do" for your ISA
• » RE: Add these to your "must do" for your ISA
• » RE: Add these to your "must do" for your ISA
• » RE: Add these to your "must do" for your ISA
• » RE: Add these to your "must do" for your ISA
• » RE: Add these to your "must do" for your ISA
• » RE: Add these to your "must do" for your ISA
• » RE: Add these to your "must do" for your ISA
• » RE: Add these to your "must do" for your ISA
• » RE: Add these to your "must do" for your ISA
• » RE: Add these to your "must do" for your ISA
• » RE: Add these to your "must do" for your ISA

1. Home
2. isalist
3. Archive
4. 10-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---