RE: Is my N/W safe?
- From: Troy Radtke <TRadtke@xxxxxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 23 Jul 2004 10:33:36 -0500
ISA is not an IDS....
First, you'd need to define "breach", then you'd have to compare that to
something.....
I call a breach unauthorised use of network resources. (i.e. you're traffic
on my network where I don't want it)
ISA is designed to follow a set of rules and only let in/out traffic that
you define. If an attack against a web server is made on port 80, which is
forwarded to that web server by your rule sets, then the ISA has not been
breached, but is doing it's intended job.
An IDS such as SNORT does nothing to traffic at all. It let's anything in,
anything out. It alerts you to the fact that packet
#15,454,346,549,816,213,468,768,616.5 was something that looked like a known
attack. And that's all that they do.....
To review:
ISA is a fliter.
IDS's are monitors.
BTW, ISA is not a whale, it's more like a cute little 12 year old girl with
a stun gun... Extreamly dangerous....
Look at little Sally! What's that you have? ***ZZZZAAAAAPPPP*****
=?)
-----Original Message-----
From: Thor [mailto:thor@xxxxxxxxxxxxxxx]
Sent: Friday, July 23, 2004 9:59 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Is my N/W safe?
http://www.ISAserver.org
Are you calling ISA a whale?
----- Original Message -----
From: "Ray Dzek" <rdzek@xxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Friday, July 23, 2004 7:40 AM
Subject: [isalist] RE: Is my N/W safe?
http://www.ISAserver.org
Is there a documented, legitimate breach of ISA on record anywhere? Don't
think I've ever seen one.
Ray Dzek
Network Operations Supervisor
Specialized Bicycle Components
PH: 408-782-5420
FX: 408-782-5421
-----Original Message-----
From: Troy Radtke [mailto:TRadtke@xxxxxxxxxxxx]
Sent: Friday, July 23, 2004 7:05 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Is my N/W safe?
http://www.ISAserver.org
IDS are only as good as the patterns that they look for, which gives people
a false sence of security..... A breach can go unnoticed for an extreamly
long time if that's the only thing you depend on....
-----Original Message-----
From: shane [mailto:tsmullins@xxxxxxxxxxxxxx]
Sent: Friday, July 23, 2004 8:46 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Is my N/W safe?
http://www.ISAserver.org
That summed it up pretty good. I used to tell people that you could secure
a network with a good pair of side cutters, but I see my errors now : ) I
think ISA is a very secure platform, but to bump up your security you could
install an IDS, along with good physical security, strong password policies,
good local workstation policies, and etc.
Shane
----- Original Message -----
From: "Troy Radtke" <TRadtke@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Friday, July 23, 2004 9:35 AM
Subject: [isalist] RE: Is my N/W safe?
> http://www.ISAserver.org
>
> Sure, here's the easy way:
>
> Call the phone company, cancel all phone lines into the building....
> Take all the computers, put them in 1 room with vicious guard
> dogs..... Run around like crazy cutting all of the network cables,
> trying to avoid
the
> dogs....
> Give said vicious guard dogs scuba tanks, fill room with cement....
> Here's where the scuba tanks come in: Drop said room in deepest trench
> in ocean.... Last step: (note: better for guard dogs if you do this
> before dropping in
> ocean)
> Unplug all power to that room.....
>
> So, after you do all of that, I'd advise going to a hypnotherapist and
have
> your memory of the event erased that way you can't be tortured to find
> out where it is.....
>
>
> -----Original Message-----
> From: dhanu patil [mailto:dhanupatil@xxxxxxxxxxx]
> Sent: Thursday, July 22, 2004 10:54 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Is my N/W safe?
>
>
> http://www.ISAserver.org
>
> http://ISAServer.org
>
> Hi all,
>
> I have just installed and configured ISA 2000 SP1 server, with some
> basic configuration allowing HTTP,MSN access, how can i confirm that
> my LAN is safe from hackers or intruders, Is there any way to
> prevent such things?
>
> thanks & regards,
>
> Dhananjay
>
> ________________________________________________________________
>
> _________________________________________________________________
> The new MSN toolbar! Your shortcut to the internet!
> http://toolbar.msn.co.in/ Access a world of convenience!
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com Leading
> Network Software Directory: http://www.serverfiles.com No.1 Exchange
Server
> Resource Site: http://www.msexchange.org Windows Security Resource
> Site: http://www.windowsecurity.com/ Network Security Library:
> http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> tradtke@xxxxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com Leading
> Network Software Directory: http://www.serverfiles.com No.1 Exchange
> Server Resource Site: http://www.msexchange.org Windows Security
> Resource Site: http://www.windowsecurity.com/ Network Security
> Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
tsmullins@xxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
>
>
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com No.1 Exchange Server
Resource Site: http://www.msexchange.org Windows Security Resource Site:
http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tradtke@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com No.1 Exchange Server
Resource Site: http://www.msexchange.org Windows Security Resource Site:
http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
rdzek@xxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com No.1 Exchange Server
Resource Site: http://www.msexchange.org Windows Security Resource Site:
http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
thor@xxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com No.1 Exchange Server
Resource Site: http://www.msexchange.org Windows Security Resource Site:
http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tradtke@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Other related posts:
