<spank> ooh; <spankspankspank> Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver http://isaserver.org/Jim_Harrison http://isatools.org Read the help, books and articles! ----- Original Message ----- From: "Thor" <thor@xxxxxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Friday, May 07, 2004 14:30 Subject: [isalist] RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx http://www.ISAserver.org What about me? Don't I get a spank on the pee pee too? I'm not even an employee of Microsoft! t ----- Original Message ----- From: "Jay" <jschwarzkopf@xxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Friday, May 07, 2004 12:23 PM Subject: [isalist] RE: ISA Server is not a Firewall !!! http://www.kbalertz.com/Feedback_832659.aspx > http://www.ISAserver.org > > Wow, since when is an unadulterated, exact, direct copy of a quote, a > 'misquote'? > > As for poorly articulating my point - I didn't resort to personal insults > (which you obviously can not avoid). Nor did I disparage other firewall > products ('Pixie, Crisco, and Netscream' - and no that is not a misquote > either). > > ISA is a decent firewall product. So are Pix, Cisco routers, and even > Sonicwall (which does not have the ISA "design goal" of supporting only a > single wan interface - yes it supports multiple external links). > > Jim, I respect your knowledge of this product. I also understand that as an > employee of Microsoft, you have to be a bit biased. But when you start > personally attacking newsgroup members, you do the group and yourself a > disservice. > > > ----- Original Message ----- > From: "Jim Harrison" <jim@xxxxxxxxxxxx> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > Sent: Friday, May 07, 2004 2:15 PM > Subject: [isalist] RE: ISA Server is not a Firewall !!! > http://www.kbalertz.com/Feedback_832659.aspx > > > > http://www.ISAserver.org > > > > No, I mean design specs. ISA was specifically designed to limit the > external side to a single interface. > > When you're ready to learn about how ISA is designed, come back to class; > but please sit in the back as you're disturbing the rest > > of the students. > > > > Also, the correct phrase is "misquote". > > There's nothing in my response that hints at anything you're poorly > articulating. > > > > Jim Harrison > > MCP(NT4, W2K), A+, Network+, PCG > > http://www.microsoft.com/isaserver > > http://isaserver.org/Jim_Harrison > > http://isatools.org > > > > Read the help, books and articles! > > ----- Original Message ----- > > From: "Jay" <jschwarzkopf@xxxxxxxxxx> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > > Sent: Friday, May 07, 2004 10:39 > > Subject: [isalist] RE: ISA Server is not a Firewall !!! > http://www.kbalertz.com/Feedback_832659.aspx > > > > > > http://www.ISAserver.org > > > > You mean design limitation. > > > > And hardly bitchin. I was just quoting you: > > > http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&threadm=O2WkOL%23VBHA.1916%40tkmsftngp03&rnum=3&prev=/groups%3Fq%3D%2522ip%2Bspoof%2Bdetection%2522%26hl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26selm%3DO2WkOL%2523VBHA.1916%2540tkmsftngp03%26rnum%3D3 > > > > > > > > ----- Original Message ----- > > From: "Jim Harrison" <jim@xxxxxxxxxxxx> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > > Sent: Friday, May 07, 2004 11:36 AM > > Subject: [isalist] RE: ISA Server is not a Firewall !!! > > http://www.kbalertz.com/Feedback_832659.aspx > > > > > > > http://www.ISAserver.org > > > > > > The alternative is to use the product within its design specs. > > > Anything else you do gets you less functionality and protection. > > > > > > ISA does not support multiple public interfaces. This was (and still > is) > > a design decision. > > > I expect full routing functionality from a firewall the same way I > expect > > full firewall functionality from a router. > > > > > > Use each device within its design goals and quicherbitchin... > > > > > > Jim Harrison > > > MCP(NT4, W2K), A+, Network+, PCG > > > http://www.microsoft.com/isaserver > > > http://isaserver.org/Jim_Harrison > > > http://isatools.org > > > > > > Read the help, books and articles! > > > ----- Original Message ----- > > > From: "Jay" <jschwarzkopf@xxxxxxxxxx> > > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > > > Sent: Friday, May 07, 2004 08:10 > > > Subject: [isalist] RE: ISA Server is not a Firewall !!! > > http://www.kbalertz.com/Feedback_832659.aspx > > > > > > > > > http://www.ISAserver.org > > > > > > "The only workaround I've heard of is to disable IP spoof detection and > > this > > > affects the whole ISA, not just that one interface. Needless to say, > > that's > > > not a good alternative for me or anyone else that's tried it." > > > > > > > > > ----- Original Message ----- > > > From: "Jim Harrison" <jim@xxxxxxxxxxxx> > > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > > > Sent: Friday, May 07, 2004 10:54 AM > > > Subject: [isalist] RE: ISA Server is not a Firewall !!! > > > http://www.kbalertz.com/Feedback_832659.aspx > > > > > > > > > > http://www.ISAserver.org > > > > > > > > A good firewall must include good router functionality in the same way > a > > > fish must include a PDA. > > > > This article and issue arises because folks choose to use a product > > > outside of its design goals. > > > > > > > > You can scream in email all day long; it doesn't make you sound any > more > > > believable. > > > > > > > > Disabling an alert does not stop the blocking action, just the alerts > > that > > > get generated from it. > > > > Learn to read what's written; not what you choose to make of it. > > > > > > > > Jim Harrison > > > > MCP(NT4, W2K), A+, Network+, PCG > > > > http://www.microsoft.com/isaserver > > > > http://isaserver.org/Jim_Harrison > > > > http://isatools.org > > > > > > > > Read the help, books and articles! > > > > ----- Original Message ----- > > > > From: "Idan Plotnik" <idan@xxxxxxxxxxxxxxx> > > > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > > > > Sent: Friday, May 07, 2004 04:45 > > > > Subject: [isalist] RE: ISA Server is not a Firewall !!! > > > http://www.kbalertz.com/Feedback_832659.aspx > > > > > > > > > > > > http://www.ISAserver.org > > > > > > > > Hi Thomas, > > > > > > > > Yesterday I came back from TechEd in Israel, I believe in the way > > > > Microsoft works and I am working a lot with Microsoft products, in > > > > additional I am doing some works for Microsoft, but this issue is not > > > > relevant to my work, I mean that this kind of Bugs must be discover > > > > before the product is going in to the market and not after 2 or 3 > > > > years!!! Don't you agree with me? Tell me something else, do you think > > > > it reasonable to disable the IP Spoof Detection option on a > > > > FIREWALL???!!!!???!!!! To enable another function to work properly???? > > > > > > > > And by the way!!! A good Firewall must include a good router > > > > functions!!! It's not a separate function, When I read your line "but > > > > since you've confused firewalls with routers" I laugh because it's not > a > > > > good way of thinking!!! There are a lot of people that thinks that > > > > Firewall just blocks ports or protocols and it's not true > > > > > > > > Thanks and have a good day. > > > > > > > > > > > > -----Original Message----- > > > > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] > > > > Sent: Friday, May 07, 2004 1:00 PM > > > > To: [ISAserver.org Discussion List] > > > > Subject: [isalist] RE: ISA Server is not a Firewall !!! > > > > http://www.kbalertz.com/Feedback_832659.aspx > > > > > > > > http://www.ISAserver.org > > > > > > > > Hi Idan, > > > > > > > > It's a good thing no other firewalls have any issues :-\ > > > > > > > > This is the first time I've done this on this list, but since you've > > > > confused firewalls with routers, I have to say PLONK. > > > > > > > > HTH, > > > > Tom > > > > > > > > Thomas W Shinder > > > > www.isaserver.org/shinder > > > > ISA 2004 Beta - Get it now! > > > > http://www.microsoft.com/isaserver/beta/default.asp > > > > ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: > > > > http://tinyurl.com/1llp > > > > > > > > > > > > -----Original Message----- > > > > From: Idan Plotnik [mailto:idan@xxxxxxxxxxxxxxx] > > > > Sent: Friday, May 07, 2004 5:57 AM > > > > To: [ISAserver.org Discussion List] > > > > Subject: [isalist] ISA Server is not a Firewall !!! > > > > http://www.kbalertz.com/Feedback_832659.aspx > > > > > > > > > > > > http://www.ISAserver.org > > > > > > > > Hi all, > > > > I don't know if I need to laugh or to cry about this!!! > > > > This issue closed my opinion about ISA 2000, and my opinion about ISA > > > > 2000 is that its not a firewall !!! > > > > Someone has sometnig to say about this ? > > > > 832659 - The IP Spoof Detection feature in ISA Server 2000 may drop > > > > legal packets on systems that have multiple external interfaces > > > > Thanx > > > > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > Leading Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: thor@xxxxxxxxxxxxxxx > To unsubscribe send a blank email to $subst('Email.Unsub') > ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')