Re: ISA Port 80

• From: "Jim Harrison" <jim@xxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Thu, 16 Aug 2001 07:25:31 -0700

You're confusing the "stealth" feature of many consumer firewalls with
server-oriented functionality of an enterprise firewall.
1. You can't make a service request until you have established a TCP
connection to the server.  It the port doesn't respond to requests, then the
rest of the communication never happens.
2. ISA will evaluate the connection based on the merits of the request (or
timeout, if none appears).  If it doesn't meet with the requirements of the
protocol and the restrictions you set, it's dumped.

Jim Harrison
MCP(2K), A+, Network+, PCG

----- Original Message -----
From: <Thor@xxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Thursday, August 16, 2001 6:34 AM
Subject: [isalist] Re: ISA Port 80


http://www.ISAserver.org


Yeah- I could not get far with it, though I really did not try too hard... I
just don't like the ISA server saying "Hey, I've got a web server over
here!" where none exists.  As far as I am concerned, that guy should be
_totally_ silent unless explicitly asked to serve ports...

So I take it that this is "known, expected" behavior then? Anyone else _not_
experiencing this?

----- Original Message -----
From: "Jim Harrison" <jim@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Wednesday, August 15, 2001 4:51 PM
Subject: [isalist] Re: ISA Port 80


> http://www.ISAserver.org
>
>
> No, you can telnet all day, but you'll never get anywhere, because ISA
will
> refuse any request that has no rule allowing it.
>
> Jim Harrison
> MCP(2K), A+, Network+, PCG
>
> ----- Original Message -----
> From: <Thor@xxxxxxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Wednesday, August 15, 2001 4:51 PM
> Subject: [isalist] Re: ISA Port 80
>
>
> http://www.ISAserver.org
>
>
> External interface... No Web or Server publishing, no Web Listeners
> configured at all, IIS is not even loaded.
> Even setting up a packet filter to block 80 on the external interface does
> not kill it.  With all these options, one can still telnet to the external
> interface port 80 and connect.
>
> wsup wid dat?
>
>
> ----- Original Message -----
> From: "Jim Harrison" <jim@xxxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Wednesday, August 15, 2001 4:40 PM
> Subject: [isalist] Re: ISA Port 80
>
>
> > http://www.ISAserver.org
> >
> >
> > Just so we're talking about the same thing, which interface?
> >
> > Jim Harrison
> > MCP(2K), A+, Network+, PCG
> >
> > ----- Original Message -----
> > From: <Thor@xxxxxxxxxxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Wednesday, August 15, 2001 3:31 PM
> > Subject: [isalist] Re: ISA Port 80
> >
> >
> > http://www.ISAserver.org
> >
> >
> > That's what I was thinking, but it does not.  I never set any up in the
> > first place, but still verified that there is no IP listener...
> >
> > Any ideas?
> >
> > ----- Original Message -----
> > From: "Jim Harrison" <jim@xxxxxxxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Wednesday, August 15, 2001 2:42 PM
> > Subject: [isalist] Re: ISA Port 80
> >
> >
> > > http://www.ISAserver.org
> > >
> > >
> > > If you configure the listener "per IP" and don't select any external
> IPs,
> > > then port 80 should close.
> > >
> > > Jim Harrison
> > > MCP(2K), A+, Network+, PCG
> > >
> > > ----- Original Message -----
> > > From: <Thor@xxxxxxxxxxxxxxx>
> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > > Sent: Wednesday, August 15, 2001 2:33 PM
> > > Subject: [isalist] Re: ISA Port 80
> > >
> > >
> > > http://www.ISAserver.org
> > >
> > >
> > > Don't I have to configure an IP to listen on?  Is there no way to turn
> > that
> > > off, or is 80 always going to show open on the box (assuming I don't
> > change
> > > the listen port)?
> > >
> > >
> > >
> > > ----- Original Message -----
> > > From: "Jim Harrison" <jim@xxxxxxxxxxxx>
> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > > Sent: Wednesday, August 15, 2001 2:02 PM
> > > Subject: [isalist] Re: ISA Port 80
> > >
> > >
> > > > http://www.ISAserver.org
> > > >
> > > >
> > > > The incoming web listener is listening.
> > > >
> > > > Jim Harrison
> > > > MCP(2K), A+, Network+, PCG
> > > >
> > > > ----- Original Message -----
> > > > From: <Thor@xxxxxxxxxxxxxxx>
> > > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > > > Sent: Wednesday, August 15, 2001 1:52 PM
> > > > Subject: [isalist] ISA Port 80
> > > >
> > > >
> > > > http://www.ISAserver.org
> > > >
> > > >
> > > > Here is another one for ya...
> > > >
> > > > Why is port 80 open on my ISA server, even when no publishing is
done,
> > and
> > > > when IIS is not even installed?  I went as far as to put an explicit
> > block
> > > > of 80, but it still shows as open on external scans, and you can
even
> > > telnet
> > > > to it.
> > > >
> > > > Is it needed for the Web Proxy???  Who exactly is listening?
> > > >
> > > > ------------------------------------------------------
> > > > You are currently subscribed to this ISAserver.org Discussion List
as:
> > > > jim@xxxxxxxxxxxx
> > > > To unsubscribe send a blank email to
> $subst('Email.Unsub')
> > > >
> > > >
> > > >
> > > > ------------------------------------------------------
> > > > You are currently subscribed to this ISAserver.org Discussion List
as:
> > > thor@xxxxxxxxxxxxxxx
> > > > To unsubscribe send a blank email to
> $subst('Email.Unsub')
> > >
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion List as:
> > > jim@xxxxxxxxxxxx
> > > To unsubscribe send a blank email to
$subst('Email.Unsub')
> > >
> > >
> > >
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion List as:
> > thor@xxxxxxxxxxxxxxx
> > > To unsubscribe send a blank email to
$subst('Email.Unsub')
> >
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
> > jim@xxxxxxxxxxxx
> > To unsubscribe send a blank email to $subst('Email.Unsub')
> >
> >
> >
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
> thor@xxxxxxxxxxxxxxx
> > To unsubscribe send a blank email to $subst('Email.Unsub')
>
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>
>
>
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
thor@xxxxxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » ISA Port 80
• » Re: ISA Port 80
• » Re: ISA Port 80
• » Re: ISA Port 80
• » Re: ISA Port 80
• » Re: ISA Port 80
• » Re: ISA Port 80
• » Re: ISA Port 80
• » Re: ISA Port 80
• » Re: ISA Port 80
• » Re: ISA Port 80

1. Home
2. isalist
3. Archive
4. 08-2001

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---