Re: DNS intrusion filter

• From: "Jim Harrison" <jim@xxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Fri, 28 Jun 2002 08:18:58 -0700

Yes, you can, but what's to be gained?
Leave the App filter in place; it'll alert you if/when the remote DNS
servers get whacky on you (technical term; requires years of study).

Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/authors/harrison/
Read the books!
----- Original Message -----
From: "Cristian Bratu" <cristian.bratu@xxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Thursday, June 27, 2002 10:37 PM
Subject: [isalist] Re: DNS intrusion filter


http://www.ISAserver.org


Thanks Jim,
If I understand, any application filter applies after packet filtering
only on the allowed traffic. And if I configure correctly the packet
filters to allow DNS ZT only from my external DNS servers the application
filter can be disabled. Is it correct?

Cristian Bratu MCSE, CCNA

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » DNS intrusion filter
• » Re: DNS intrusion filter
• » Re: DNS intrusion filter
• » Re: DNS intrusion filter
• » Re: DNS intrusion filter
• » Re: DNS intrusion filter

1. Home
2. isalist
3. Archive
4. 06-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---