RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx

• From: "Jim Harrison" <jim@xxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Fri, 7 May 2004 11:15:10 -0700

No, I mean design specs.  ISA was specifically designed to limit the external 
side to a single interface.
When you're ready to learn about how ISA is designed, come back to class; but 
please sit in the back as you're disturbing the rest 
of the students.

Also, the correct phrase is "misquote".
There's nothing in my response that hints at anything you're poorly 
articulating.

 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG
 http://www.microsoft.com/isaserver
 http://isaserver.org/Jim_Harrison
 http://isatools.org

 Read the help, books and articles!
----- Original Message ----- 
From: "Jay" <jschwarzkopf@xxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Friday, May 07, 2004 10:39
Subject: [isalist] RE: ISA Server is not a Firewall !!! 
http://www.kbalertz.com/Feedback_832659.aspx


http://www.ISAserver.org

You mean design limitation.

And hardly bitchin.  I was just quoting you:
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&threadm=O2WkOL%23VBHA.1916%40tkmsftngp03&rnum=3&prev=/groups%3Fq%3D%2522ip%2Bspoof%2Bdetection%2522%26hl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26selm%3DO2WkOL%2523VBHA.1916%2540tkmsftngp03%26rnum%3D3



----- Original Message ----- 
From: "Jim Harrison" <jim@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Friday, May 07, 2004 11:36 AM
Subject: [isalist] RE: ISA Server is not a Firewall !!!
http://www.kbalertz.com/Feedback_832659.aspx


> http://www.ISAserver.org
>
> The alternative is to use the product within its design specs.
> Anything else you do gets you less functionality and protection.
>
> ISA does not support multiple public interfaces.  This was (and still is)
a design decision.
> I expect full routing functionality from a firewall the same way I expect
full firewall functionality from a router.
>
> Use each device within its design goals and quicherbitchin...
>
>  Jim Harrison
>  MCP(NT4, W2K), A+, Network+, PCG
>  http://www.microsoft.com/isaserver
>  http://isaserver.org/Jim_Harrison
>  http://isatools.org
>
>  Read the help, books and articles!
> ----- Original Message ----- 
> From: "Jay" <jschwarzkopf@xxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Friday, May 07, 2004 08:10
> Subject: [isalist] RE: ISA Server is not a Firewall !!!
http://www.kbalertz.com/Feedback_832659.aspx
>
>
> http://www.ISAserver.org
>
> "The only workaround I've heard of is to disable IP spoof detection and
this
> affects the whole ISA, not just that one interface.  Needless to say,
that's
> not a good alternative for me or anyone else that's tried it."
>
>
> ----- Original Message ----- 
> From: "Jim Harrison" <jim@xxxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Friday, May 07, 2004 10:54 AM
> Subject: [isalist] RE: ISA Server is not a Firewall !!!
> http://www.kbalertz.com/Feedback_832659.aspx
>
>
> > http://www.ISAserver.org
> >
> > A good firewall must include good router functionality in the same way a
> fish must include a PDA.
> > This article and issue arises because folks choose to use a product
> outside of its design goals.
> >
> > You can scream in email all day long; it doesn't make you sound any more
> believable.
> >
> > Disabling an alert does not stop the blocking action, just the alerts
that
> get generated from it.
> > Learn to read what's written; not what you choose to make of it.
> >
> >  Jim Harrison
> >  MCP(NT4, W2K), A+, Network+, PCG
> >  http://www.microsoft.com/isaserver
> >  http://isaserver.org/Jim_Harrison
> >  http://isatools.org
> >
> >  Read the help, books and articles!
> > ----- Original Message ----- 
> > From: "Idan Plotnik" <idan@xxxxxxxxxxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Friday, May 07, 2004 04:45
> > Subject: [isalist] RE: ISA Server is not a Firewall !!!
> http://www.kbalertz.com/Feedback_832659.aspx
> >
> >
> > http://www.ISAserver.org
> >
> > Hi Thomas,
> >
> > Yesterday I came back from TechEd in Israel, I believe in the way
> > Microsoft works and I am working a lot with Microsoft products, in
> > additional I am doing some works for Microsoft, but this issue is not
> > relevant to my work, I mean that this kind of Bugs must be discover
> > before the product is going in to the market and not after 2 or 3
> > years!!! Don't you agree with me? Tell me something else, do you think
> > it reasonable to disable the IP Spoof Detection option on a
> > FIREWALL???!!!!???!!!! To enable another function to work properly????
> >
> > And by the way!!! A good Firewall must include a good router
> > functions!!! It's not a separate function, When I read your line "but
> > since you've confused firewalls with routers" I laugh because it's not a
> > good way of thinking!!! There are a lot of people that thinks that
> > Firewall just blocks ports or protocols and it's not true
> >
> > Thanks and have a good day.
> >
> >
> > -----Original Message-----
> > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> > Sent: Friday, May 07, 2004 1:00 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: ISA Server is not a Firewall !!!
> > http://www.kbalertz.com/Feedback_832659.aspx
> >
> > http://www.ISAserver.org
> >
> > Hi Idan,
> >
> > It's a good thing no other firewalls have any issues :-\
> >
> > This is the first time I've done this on this list, but since you've
> > confused firewalls with routers, I have to say PLONK.
> >
> > HTH,
> > Tom
> >
> > Thomas W Shinder
> > www.isaserver.org/shinder
> > ISA 2004 Beta - Get it now!
> > http://www.microsoft.com/isaserver/beta/default.asp
> > ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server:
> > http://tinyurl.com/1llp
> >
> >
> > -----Original Message-----
> > From: Idan Plotnik [mailto:idan@xxxxxxxxxxxxxxx]
> > Sent: Friday, May 07, 2004 5:57 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] ISA Server is not a Firewall !!!
> > http://www.kbalertz.com/Feedback_832659.aspx
> >
> >
> > http://www.ISAserver.org
> >
> > Hi all,
> > I don't know if I need to laugh or to cry about this!!!
> > This issue closed my opinion about ISA 2000, and my opinion about ISA
> > 2000 is that its not a firewall !!!
> > Someone has sometnig to say about this ?
> > 832659 - The IP Spoof Detection feature in ISA Server 2000 may drop
> > legal packets on systems that have multiple external interfaces
> > Thanx
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
> > tshinder@xxxxxxxxxxxxxxxxxx
> > To unsubscribe send a blank email to
> > $subst('Email.Unsub')
> >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
> > idan@xxxxxxxxxxxxxxx
> > To unsubscribe send a blank email to
> > $subst('Email.Unsub')
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx
> > To unsubscribe send a blank email to $subst('Email.Unsub')
> >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
> jschwarzkopf@xxxxxxxxxx
> > To unsubscribe send a blank email to $subst('Email.Unsub')
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
jschwarzkopf@xxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » Re: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx
• » RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx

1. Home
2. isalist
3. Archive
4. 05-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---