Re: DNS intrusion filter
- From: "Jim Harrison" <jim@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 27 Jun 2002 15:11:34 -0700
Generally speaking, all application filters are IP-ignorant.
ISA recognizes a particular protocol and if a related application filter is
installed and active, ISA passes the traffic through the appropriate filter
for further processing.
This is the heart of ISA's L4+ smarts.
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/authors/harrison/
Read the books!
----- Original Message -----
From: "Cristian Bratu" <cristian.bratu@xxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Thursday, June 27, 2002 7:49 AM
Subject: [isalist] Re: DNS intrusion filter
http://www.ISAserver.org
Thanks Jim,
Your answer is correct, the external DNS is making the transfer on a high
port (above 1024), but what I dont understand is: the filter is
"filtering" the traffic that I permit or all the DNS ZT traffic that
arrives at my external network adapter? And if it filters all the DNS
traffic, it does that before or after the IP packet filters? And if I have
two different IP addresses on the external interface does it filters the
traffic targeted at both addresses? These are my concerns because there is
no configuration possible on that application filter.
Thank you very much.
Cristian Bratu MCSE, CCNA
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
