Sorry for the broken url Microsoft Solution for Securing Windows 2000 Server <http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secu rity/prodtech/windows/secwin2k/default.asp> -----Original Message----- From: David V. Dellanno Sent: Saturday, February 22, 2003 11:03 AM To: [ISAserver.org Discussion List] Subject: [isalist] Re: Major ISA Security question: http://www.ISAserver.org Good Read: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur ity/prodtech/windows/secwin2k/default.asp -----Original Message----- From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] Sent: Saturday, February 22, 2003 10:31 AM To: [ISAserver.org Discussion List] Subject: [isalist] Re: Major ISA Security question: http://www.ISAserver.org Q1 - exactly what software / services are running on the server; not just ISA, but any other software / apps? Q2 - what is the server's network configuration? Q3 - exactly how is ISA configured (http://isatools.org/isainfo.zip will help)? ISA, properly configured, is inviolable *_from the outside_*. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver http://isaserver.org/Jim_Harrison http://isatools.org Read the help, books and articles! ----- Original Message ----- From: "Eddie Kwong" <eddiek@xxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Friday, February 21, 2003 13:16 Subject: [isalist] Major ISA Security question: http://www.ISAserver.org Hi list members, Please help me out here. If I understand it right, for someone to publish an internal server through ISA server, other than other things that needs to be done, under the ISA server management you must go to Policy Elements -> Destination Sets and setup the INTERNAL server location there. I use all cap for INTERNAL because this is how I believed ISA server works. This rule is suppose to be for locating the internal server that has the web site you would like to publish. My problem: I have been too busy for the last two months and didn't get a chance to browse around ISA server for any un-usual events. This morning when I look, I found out that there is an extra Destination Set under the Policy Elements->Destination Sets. With the long name 'Friends Greeting Worm Block Properties', (every work spell as in the quotes) and the address were a list of *.friend.greeting.com *.friend.greetings.com 207.21.272.104 64.191.7.4 cool-downloads.com etc..... My 1 millions dollar Question: What is this? I am the only one in my organization that setup and manage ISA server and I didn't put that extra destination set in!!! Any ideas? Many thanks ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: ddellanno@xxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: ddellanno@xxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.