RE: Guide about PING...Faraz

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Thu, 7 Apr 2005 10:00:21 -0500

Hi Raj,

That's a goo idea, but unless something has changed with Windows Server
2003, you can use IP Filters on the interface to block ping. 


Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls


-----Original Message-----
From: Periyasamy, Raj [mailto:Raj.Periyasamy@xxxxxxxxxxxx] 
Sent: Thursday, April 07, 2005 9:58 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Guide about PING...Faraz

http://www.ISAserver.org

Faraz,
You may try the TCP/IP packet filtering on the NIC itself, using the NIC
properties, TCP/IP protocol settings, Packet filtering,  for the
internal interface, and allow only the protocols you want to reach the
Internal interface. You can take out the ICMP. By default all protocols
are allowed on all interfaces, so you have to construct your own list of
allowed protocols, and port numbers.


Regards,

Raj Periyasamy
Systems Administrator
MCSE(Messaging), CCNA


-----Original Message-----
From: Faraz [mailto:f_hkhan@xxxxxxxxx] 
Sent: Thursday, April 07, 2005 10:44 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Guide about PING...Faraz

http://www.ISAserver.org

Hi JIM,
you are absolutely right, that is (KB article) not working...that is not
for stoping ICMP to ISA server itself by any internal client!
but one thing after editing registry values do i need to restart system?
> There's an important point here:
> "from the internal network to the external network"
> 
> ISA isn't "external".
> This isn't designed or expected to stop ICMP to the ISA itself.
> 
> -----Original Message-----
> From: Faraz [mailto:f_hkhan@xxxxxxxxx] 
> Sent: Thursday, April 07, 2005 6:49 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Guide about PING...Faraz
> 
> http://www.ISAserver.org
> 
> Hi, TOM
> should i need to follow these steps? at KB article
> "Blocking and Logging Outbound ICMP Traffic
> To unconditionally block and log all outbound ICMP traffic that is
sent
> from the internal network to the external network, follow these steps:
"
> 
> > Hi Raj,
> > 
> > Yes! That's it.
> > 
> > Thanks!=20
> > 
> > 
> > Tom
> > www.isaserver.org/shinder
> > Tom and Deb Shinder's Configuring ISA Server 2004
> > http://tinyurl.com/3xqb7
> > MVP -- ISA Firewalls
> > 
> > 
> > -----Original Message-----
> > From: Periyasamy, Raj [mailto:Raj.Periyasamy@xxxxxxxxxxxx]=20
> > Sent: Thursday, April 07, 2005 8:19 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Guide about PING...Faraz
> > 
> > http://www.ISAserver.org
> > 
> > Is it this one Tom?
> > 
> >
>
http://support.microsoft.com/default.aspx?scid=3Dkb;en-us;283213#XSLTH31
> 2=
> > 3
> > 121123120121120120
> > 
> > 
> > Raj Periyasamy
> > Systems Administrator
> > MCSE(Messaging), CCNA
> > 
> > 
> > -----Original Message-----
> > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]=20
> > Sent: Thursday, April 07, 2005 8:52 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Guide about PING...Faraz
> > 
> > http://www.ISAserver.org
> > 
> > Hey guys,
> > 
> > There used to be an article on the KB site on how to block PING
> requests
> > on the LAT interface of the ISA 2000 firewall. Can't seem to find it
> > today :(=20
> > 
> > 
> > Tom
> > www.isaserver.org/shinder
> > Tom and Deb Shinder's Configuring ISA Server 2004
> > http://tinyurl.com/3xqb7
> > MVP -- ISA Firewalls
> > 
> > 
> > -----Original Message-----
> > From: Steve Moffat [mailto:steve@xxxxxxxxxx]=20
> > Sent: Thursday, April 07, 2005 7:44 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Guide about PING...Faraz
> > 
> > http://www.ISAserver.org
> > 
> > Is your ISA returning the ping requests??
> > 
> > S=20
> > 
> > -----Original Message-----
> > From: Faraz [mailto:f_hkhan@xxxxxxxxx]=20
> > Sent: Thursday, April 07, 2005 9:29 AM
> > To: ISA Mailing List
> > Subject: [isalist] Guide about PING...Faraz
> > 
> > http://www.ISAserver.org
> > 
> > Faraz : i am in standalone environment, using ISA 2000, some clients
> in
> > my internal network send their Ping Requests contineously to my ISA
> > server for checking that either the ISA Machine is ON or OFF, i wana
> > block those ping requests comming from the internal network, i used
> that
> > article found at isaserver.org "How to create a packet filter for
> > dropping ICMP Packets (Ping Requests)" and restarted all three
> services
> > of ISA but still can't get the rid of PING requests.....Please guide
> me.
> > --------------------------
> > Jim Harrison : Restart Service after creating packet filter.
> > Jim Harrison : get the rid of that ISA "Allow All" rule.
> > --------------------------
> > Faraz : No, that is also not working i disabled that "Allow Rule"
and
> > also disabled my own created protocol rules and even disabled all
the
> IP
> > packet filters which were created by default by ISA 2000 during
> > installation, i only enabled that one IP packet filter as described
in
> > the "How to create a packet filter for dropping ICMP Packets (Ping
> > Requests)" which drops ICMP ping Query, and restarted all services
of
> > ISA 2000, but still my clients are sending me ping requests! WHY???
> > 
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=3DFAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > World of Windows Networking: http://www.windowsnetworking.com
Leading
> > Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows
> > Security Resource Site: http://www.windowsecurity.com/ Network
> Security
> > Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> > http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List
as:
> > isalist@xxxxxxxxxx To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> > 
> > The haggis is unusual in that it is neither consistently nocturnal
nor
> > diurnal, but instead is active at dawn and dusk (crepuscular), with
> > occasional forays forth during the day and night.=20
> > 
> > 
> > 
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=3DFAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > World of Windows Networking: http://www.windowsnetworking.com
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List
as:
> > tshinder@xxxxxxxxxxxxxxxxxx
> > To unsubscribe visit =
> > http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> > 
> > 
> > 
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=3DFAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > World of Windows Networking: http://www.windowsnetworking.com
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List
as:
> > raj.periyasamy@xxxxxxxxxxxx
> > To unsubscribe visit =
> > http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> > 
> > 
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=3DFAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > World of Windows Networking: http://www.windowsnetworking.com
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List
as:
> > tshinder@xxxxxxxxxxxxxxxxxx
> > To unsubscribe visit =
> > http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx
> To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> All mail to and from this domain is GFI-scanned.

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
raj.periyasamy@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

• » Guide about PING...Faraz
• » RE: Guide about PING...Faraz
• » RE: Guide about PING...Faraz
• » RE: Guide about PING...Faraz
• » RE: Guide about PING...Faraz
• » RE: Guide about PING...Faraz
• » RE: Guide about PING...Faraz
• » RE: Guide about PING...Faraz
• » RE: Guide about PING...Faraz
• » RE: Guide about PING...Faraz
• » RE: Guide about PING...Faraz
• » RE: Guide about PING...Faraz
• » RE: Guide about PING...Faraz
• » RE: Guide about PING...Faraz
• » RE: Guide about PING...Faraz
• » RE: Guide about PING...Faraz
• » RE: Guide about PING...Faraz
• » RE: Guide about PING...Faraz

1. Home
2. isalist
3. Archive
4. 04-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---