[isalist] Re: Error during install
- From: "Glenn P. JOHNSTON" <glenn.johnston@xxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Sun, 13 Aug 2006 07:25:24 +1000
http://www.ISAserver.org
-------------------------------------------------------
Here Here.
Every time, I've seen a hacked SBS box, it was directly due to some one
doing something stupid, a recent example, Publishing SQL server to the
internet with a really simple 3 letter SA password come to mind. Took
less than a day to get hacked !
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
Sent: Saturday, 12 August 2006 17:07
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Error during install
http://www.ISAserver.org
-------------------------------------------------------
For the record it's called SBS 2003 "Premium" not Enterprise in case you
want to google... and I've yet to see a SBS box get hacked. ISA is ISA.
And Microsoft has not built a "vulnerable" product.
We get nailed from stupid users running with admin rights. We get
nailed with professionals that don't use the connect to Internet Wizard
to set up the firewall and set it up incorrectly. That's how we get
nailed. As has been stated.. a properly configured network will be just
fine.
We're not big business, we're small business and it's a reasonable risk.
Day in and day out Amy Babinchak, an ISA professional showcases that ISA
works for small businesses.
Make ISA on a standalone box into a reasonable price range in the Cougar
or Centro era and let's talk.
Folks these days either go with a hardware firewall on the outside for
a smidge of paranoia protection, ISA in a two nic setup ...or they do a
one nic with a Sonicwall because ISA just is not cost effective... or
..quite bluntly.. they don't trust it.
Those of us who believe in ISA (and yes that's those of us who run real
businesses in the real world) we show every day that it can protect even
when it's on the same server with the DC.
It works.
So out here in the real world.... it's ISA or you lose the sale.
That's the real world out here.
There are..however.. those in the SBS mvp community like Jeff Middleton
who want it off the SBS box because of the annoying ways that it
interferes with troubleshooting issues.
Will I want it on the same box in the Cougar era? Ask me when that
ships (whenever that may ship) I might be doing Centro by that time
which probably will peel off that server role. Who knows. I evaluate
my risks and threats and right now I'm comfortable with ISA on the box
with Dana Epp's Firewall dashboard adding more reports that give me the
info I need.
From: "John T \(Lists\)" <johnlist@xxxxxxxxxxxxxxxxxxx>
Subject: [isalist] Re: Error during install
Date: Fri, 11 Aug 2006 00:26:48 -0700
As the good doctor has said, most ISA professionals will tell you that
including ISA server with SBS Enterprise was a dumb idea.
John T
eServices For You
"Seek, and ye shall find!"
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of ISA
Sent: Thursday, August 10, 2006 8:15 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Error during install
OK, this is where I get confused. I thought ISA 2004 was impenetrable
when properly configured. Why should it make a difference that AD is
running on the same box?
How does SBS 2003 Ent do it? Are there different versions of ISA 2004
(one out of the retail box and one that comes with SBS 2003)?
Has MS built a vulnerable product i.e. SBS 2003 Ent? If so, that would
be a shame being that it is a quickly growing market.
Regardless of 'why' I don't have the answers to my own questions - I
usually follow Tom's advice to the T. And while following Tom's advised
(HAVE DC, NO
ISA) I have purchased Sonic Walls instead; at an increasing rate.
Oh..and I make some additional cash at it too. Client pays $600/$700 vs.
$3,000 $4,000 with ISA.
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
