Well there. At least the year was right. Am I getting my points anyway? > -----Original Message----- > From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] > Sent: Friday, August 15, 2003 1:59 AM > To: [ISAserver.org Discussion List] > Subject: [isalist] Re: MS-Blast scripts > > > http://www.ISAserver.org > > > Close; very close... > > Joe's Garage, but it's most certainly FZ... > > Jim Harrison > MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver > http://isaserver.org/Jim_Harrison > http://isatools.org > > Read the help, books and articles! > ----- Original Message ----- > From: "Mark Hippenstiel" <M.Hippenstiel@xxxxxxxxxxxx> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > Sent: Thursday, August 14, 2003 16:01 > Subject: [isalist] Re: MS-Blast scripts > > > http://www.ISAserver.org > > > sheik yerbuti, f.z. ;)))) > > > -----Original Message----- > > From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] > > Sent: Friday, August 15, 2003 12:54 AM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] Re: MS-Blast scripts > > > > > > http://www.ISAserver.org > > > > > > The other side of that particular coin is Black Ice > Defender. It's a > > host-based IDS that also reports back to a "Central Scrutinizer" > > (three anti-social points for the correct quote > > identification) for attack and attacker identification. > Pretty slick > > toy. > > > > Jim Harrison > > MCP(NT4, W2K), A+, Network+, PCG > http://www.microsoft.com/isaserver > > http://isaserver.org/Jim_Harrison > > http://isatools.org > > > > Read the help, books and articles! > > ----- Original Message ----- > > From: "Mark Hippenstiel" <M.Hippenstiel@xxxxxxxxxxxx> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > > Sent: Thursday, August 14, 2003 15:32 > > Subject: [isalist] Re: MS-Blast scripts > > > > > > http://www.ISAserver.org > > > > > > In short words, because it's already too late over here and > I need a > > good boy's sleep: you're right. > > > > I took a glance at NAI's Intrushield which introduces a so called > > Virtual IDS. Of course, Intrushield is an IDS appliance and > does other > > things than ISA, but the concept of virtual segments that are being > > monitored is appealing. > > > > Mark > > > > > -----Original Message----- > > > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] > > > Sent: Friday, August 15, 2003 12:12 AM > > > To: [ISAserver.org Discussion List] > > > Subject: [isalist] Re: MS-Blast scripts > > > > > > > > > http://www.ISAserver.org > > > > > > > > > Hi Mark, > > > > > > Actually, you have a good point. The time is near when we > > need an ISA > > > like device on every system. That is, a smart layer 7 > sophisticated > > > firewall. Not a pixoid packet filter, but an ISA that can > > examine the > > > application layer headers and data. Microsoft is a software > > company, > > > they understand software, and layer 7 is all about app > software. If > > > anyone can do it right, its going to be Microsoft. Cisco > is good at > > > fast, but all that accomplishes is passing exploits faster than > > > anyone else. > > > > > > In fact, personal firewalls do perform such a function > > already. But > > > most of them, from my experience, cause more problems than > > they fix. > > > The exception, again in my experience, is the unfairly > > maligned ICF. > > > Its very transparent and blocks unsolicited inbound > > requests. You have > > > to go out of your way to allow inbound connections, but > at least you > > > can do that. > > > > > > (Check out the lamer "firewall feature" included with the Windows > > > Server 2003 RRAS. It'll block unsolicited inbound > requests, but you > > > can forget about reverse NAT. ICF is more sophisticated > > than the RRAS > > > firewall > > > "service") > > > > > > The personal firewall needs to have a central policy, so that you > > > essentially extend the ISA features to the desktops and > > other devices. > > > The would also have reporting mechanism like ISA and feed this > > > information to the central reporting system. You can see > where I'm > > > going with this! Servers would also have a similar "satellite" > > > firewall system. ISA can be the hub firewall system that manages, > > > reports, and updates the satellite firewall systems. > > > > > > Sound good so far? > > > > > > :-) > > > Tom > > > > > > Thomas W Shinder > > > www.isaserver.org/shinder > > > ISA Server and Beyond: http://tinyurl.com/1jq1 > > > Configuring ISA Server: http://tinyurl.com/1llp > > > > > > > > > > > > > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Other Internet Software Marketing Sites: > > Leading Network Software Directory: http://www.serverfiles.com No.1 > > Exchange > Server Resource > > Site: http://www.msexchange.org Windows Security Resource > > Site: http://www.windowsecurity.com/ Network Security > > Library: http://www.secinf.net/ Windows 2000/NT Fax > > Solutions: http://www.ntfaxfaq.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org > Discussion List as: > > jim@xxxxxxxxxxxx To unsubscribe send a blank email to > > $subst('Email.Unsub') > > > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Other Internet Software Marketing Sites: > > Leading Network Software Directory: http://www.serverfiles.com No.1 > > Exchange > Server Resource > > Site: http://www.msexchange.org Windows Security Resource > > Site: http://www.windowsecurity.com/ Network Security > > Library: http://www.secinf.net/ Windows 2000/NT Fax > > Solutions: http://www.ntfaxfaq.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org > Discussion List as: > > m.hippenstiel@xxxxxxxxxxxx To unsubscribe send a blank email to > > $subst('Email.Unsub') > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > Leading Network Software Directory: > http://www.serverfiles.com No.1 Exchange > Server Resource > Site: http://www.msexchange.org Windows Security Resource > Site: http://www.windowsecurity.com/ Network Security > Library: http://www.secinf.net/ Windows 2000/NT Fax > Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion > List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email > to $subst('Email.Unsub') > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > Leading Network Software Directory: > http://www.serverfiles.com No.1 Exchange > Server Resource > Site: http://www.msexchange.org Windows Security Resource > Site: http://www.windowsecurity.com/ Network Security > Library: http://www.secinf.net/ Windows 2000/NT Fax > Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion > List as: m.hippenstiel@xxxxxxxxxxxx To unsubscribe send a > blank email to $subst('Email.Unsub') >