I didn't; Frank did... "Catholic girls..." Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver http://isaserver.org/Jim_Harrison http://isatools.org Read the help, books and articles! ----- Original Message ----- From: "cismic" <cismic@xxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Thursday, August 14, 2003 17:10 Subject: [isalist] Re: MS-Blast scripts http://www.ISAserver.org How did you know about my Garage? Joseph -----Original Message----- From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] Sent: Thursday, August 14, 2003 4:59 PM To: [ISAserver.org Discussion List] Subject: [isalist] Re: MS-Blast scripts http://www.ISAserver.org Close; very close... Joe's Garage, but it's most certainly FZ... Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver http://isaserver.org/Jim_Harrison http://isatools.org Read the help, books and articles! ----- Original Message ----- From: "Mark Hippenstiel" <M.Hippenstiel@xxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Thursday, August 14, 2003 16:01 Subject: [isalist] Re: MS-Blast scripts http://www.ISAserver.org sheik yerbuti, f.z. ;)))) > -----Original Message----- > From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] > Sent: Friday, August 15, 2003 12:54 AM > To: [ISAserver.org Discussion List] > Subject: [isalist] Re: MS-Blast scripts > > > http://www.ISAserver.org > > > The other side of that particular coin is Black Ice Defender. It's a > host-based IDS that also reports back to a "Central Scrutinizer" > (three anti-social points for the correct quote > identification) for attack and attacker identification. Pretty slick > toy. > > Jim Harrison > MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver > http://isaserver.org/Jim_Harrison > http://isatools.org > > Read the help, books and articles! > ----- Original Message ----- > From: "Mark Hippenstiel" <M.Hippenstiel@xxxxxxxxxxxx> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > Sent: Thursday, August 14, 2003 15:32 > Subject: [isalist] Re: MS-Blast scripts > > > http://www.ISAserver.org > > > In short words, because it's already too late over here and I need a > good boy's sleep: you're right. > > I took a glance at NAI's Intrushield which introduces a so called > Virtual IDS. Of course, Intrushield is an IDS appliance and does other > things than ISA, but the concept of virtual segments that are being > monitored is appealing. > > Mark > > > -----Original Message----- > > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] > > Sent: Friday, August 15, 2003 12:12 AM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] Re: MS-Blast scripts > > > > > > http://www.ISAserver.org > > > > > > Hi Mark, > > > > Actually, you have a good point. The time is near when we > need an ISA > > like device on every system. That is, a smart layer 7 sophisticated > > firewall. Not a pixoid packet filter, but an ISA that can > examine the > > application layer headers and data. Microsoft is a software > company, > > they understand software, and layer 7 is all about app software. If > > anyone can do it right, its going to be Microsoft. Cisco is good at > > fast, but all that accomplishes is passing exploits faster than > > anyone else. > > > > In fact, personal firewalls do perform such a function > already. But > > most of them, from my experience, cause more problems than > they fix. > > The exception, again in my experience, is the unfairly > maligned ICF. > > Its very transparent and blocks unsolicited inbound > requests. You have > > to go out of your way to allow inbound connections, but at least you > > can do that. > > > > (Check out the lamer "firewall feature" included with the Windows > > Server 2003 RRAS. It'll block unsolicited inbound requests, but you > > can forget about reverse NAT. ICF is more sophisticated > than the RRAS > > firewall > > "service") > > > > The personal firewall needs to have a central policy, so that you > > essentially extend the ISA features to the desktops and > other devices. > > The would also have reporting mechanism like ISA and feed this > > information to the central reporting system. You can see where I'm > > going with this! Servers would also have a similar "satellite" > > firewall system. ISA can be the hub firewall system that manages, > > reports, and updates the satellite firewall systems. > > > > Sound good so far? > > > > :-) > > Tom > > > > Thomas W Shinder > > www.isaserver.org/shinder > > ISA Server and Beyond: http://tinyurl.com/1jq1 > > Configuring ISA Server: http://tinyurl.com/1llp > > > > > > > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > Leading Network Software Directory: http://www.serverfiles.com No.1 > Exchange > Server Resource > Site: http://www.msexchange.org Windows Security Resource > Site: http://www.windowsecurity.com/ Network Security > Library: http://www.secinf.net/ Windows 2000/NT Fax > Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > jim@xxxxxxxxxxxx To unsubscribe send a blank email to > $subst('Email.Unsub') > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > Leading Network Software Directory: http://www.serverfiles.com No.1 > Exchange > Server Resource > Site: http://www.msexchange.org Windows Security Resource > Site: http://www.windowsecurity.com/ Network Security > Library: http://www.secinf.net/ Windows 2000/NT Fax > Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > m.hippenstiel@xxxxxxxxxxxx To unsubscribe send a blank email to > $subst('Email.Unsub') > ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: cismic@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')