RE: DNS server

  • From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 27 Oct 2004 13:48:54 -0700

You can't use publishing rules for the DNS publishing on ISA 2000; you MUST use 
packet filters.

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: Administrator [mailto:Administrator@xxxxxxxxxxxxx] 
Sent: Wednesday, October 27, 2004 10:15
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: DNS server

http://www.ISAserver.org

Hi Jim

There is no DMZ...the DNS server is the ISA machine itself.

Have added the 4 packet filters as described at
http://support.microsoft.com/default.aspx?scid=kb;en-us;291662
And I added the 2 publishing rules.

Am I wrong on these steps?

William

-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
Sent: 27 October 2004 19:03
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: DNS server

You have the DNS attack filter dropping zone transfer requests, which
means you have server-published these DNS servers.
Look for and disable the server publishing rules that affect these DNS
servers if they REALLY exist in a DMZ.

-----Original Message-----
From: Administrator [mailto:Administrator@xxxxxxxxxxxxx] 
Sent: Tuesday, October 26, 2004 15:07
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: DNS server

Hi

Mentioning DNS filters....it seems like I have some kind of issue with
them.

The primary zones are all 100% operational. However the secondary zones
are still giving me grief.

Event logs show:

ISS Event ID 20009 DNS Zone Transfer from high ports detected from
IP:11997 to IP:53

And

Event ID 6525
Zone transfer request for secondary zone theoneinfront.com refused by
master server at etc etc.

Could the DNS filter be the issue?

If so is there a solution?

William

-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
Sent: 26 October 2004 18:25
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: DNS server

Packet filters don't pass the traffic through the application filters.
Thus, your DMZ-based DNS servers can't take advantage of the DNS
intrusion filter ISA includes.
