So, in what scenario are we talking here? Someone bypasses the ISA, passes an attack to the front end server, where a worm hits and installs a trojan where it sniffs traffic? Because if we're talking web browser infection via a downloaded application, then you've got other issues like why people are using your mail servers for surfing the internet and installing Penguin Bowling.

Are there any proof of concept papers or anything on this that I can look at on this?

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: Tuesday, May 10, 2005 9:12 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Non-SSL FBA

http://www.ISAserver.org

Hi Dan,

Handy reminder. I've been seeing a lot of people proffering the "SSL off-loading" option by doing SSL to HTTP bridging, and it's a suicide waiting to happen. Just reinforcing the importance of SSL to SSL bridging :)

Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls

-----Original Message-----
From: Ball, Dan [mailto:DBall@xxxxxxxxxxx]
Sent: Tuesday, May 10, 2005 9:07 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Non-SSL FBA

Are you speaking from recent experiences or is this just a handy reminder?

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: Tuesday, May 10, 2005 09:41
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Non-SSL FBA

One more thing: use SSL to SSL bridging, or the trojans running network sniffers on your "secure" network will capture your credentials because someone told you "SSL off-loading" was a good idea.

Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: Tuesday, May 10, 2005 8:36 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Non-SSL FBA

Hey folks,

Anybody here using forms-based auth on the ISA firewall and not using SSL? If you're using FBA or Basic auth without SSL, crater your network, change your passwords, because you've been owned.

HTH,
Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
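
The exposure the thread describes (Basic or forms-based auth carried over plain HTTP, for example on the back-end leg of SSL to HTTP bridging), as an added audit example that is not part of the original messages or of ISA Server. It reports which credentials are readable in a single cleartext request; the host name, login path, user name, field names and the `SECRET_HINTS` list are constructed assumptions.

```python
import base64
from urllib.parse import parse_qsl

# Field-name fragments treated as secrets (assumption; adjust per application).
SECRET_HINTS = ("pass", "pwd")

# Constructed sample requests, as they would look on a cleartext HTTP leg.
BASIC = (
    b"GET /exchange/ HTTP/1.1\r\nHost: mail.example.internal\r\n"
    b"Authorization: Basic " + base64.b64encode(b"alice:Spring2005!") + b"\r\n\r\n"
)
FBA = (
    b"POST /login HTTP/1.1\r\nHost: mail.example.internal\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n\r\n"
    b"username=alice&password=Spring2005%21"
)


def exposed_credentials(raw_request: bytes) -> list:
    """Return findings for credentials readable in one cleartext HTTP request."""
    head, _, body = raw_request.partition(b"\r\n\r\n")
    headers = {}
    for line in head.decode("latin-1").split("\r\n")[1:]:  # skip request line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()

    findings = []
    # Basic auth is only base64-encoded, so any observer can reverse it.
    scheme, _, token = headers.get("authorization", "").partition(" ")
    if scheme.lower() == "basic":
        try:
            decoded = base64.b64decode(token, validate=True).decode("latin-1")
            user = decoded.partition(":")[0]
            findings.append(f"basic-auth credentials for user '{user}'")
        except ValueError:
            findings.append("basic-auth header (undecodable)")

    # Forms-based auth posts the password as an ordinary urlencoded field.
    ctype = headers.get("content-type", "").lower()
    if ctype.startswith("application/x-www-form-urlencoded"):
        for field, value in parse_qsl(body.decode("latin-1"), keep_blank_values=True):
            if value and any(h in field.lower() for h in SECRET_HINTS):
                findings.append(f"form field '{field}' carries a secret")
    return findings
```

Any non-empty result for traffic captured on a network segment means that segment carries recoverable passwords and needs SSL end to end, which is the SSL to SSL bridging recommended in the thread.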