RE: Non-SSL FBA

  • From: "Troy Radtke" <TRadtke@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Tue, 10 May 2005 09:57:55 -0500

So, in what scenario are we talking here?  Someone bypasses the ISA,
passes an attack to the front end server, where a worm hits and installs
a trojan where it sniffs traffic?  Because if we're talking web browser
infection via a downloaded application, then you've got other issues
like why people are using your mail servers for surfing the internet and
installing Penguin Bowling.

Are there any proof of concept papers or anything on this that I can
look at?

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Sent: Tuesday, May 10, 2005 9:12 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Non-SSL FBA


http://www.ISAserver.org

Hi Dan,

Handy reminder. I've been seeing a lot of people proffering the "SSL
off-loading" option by doing SSL to HTTP bridging, and it's a suicide
waiting to happen. Just reinforcing the importance of SSL to SSL
bridging :) 


Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls


-----Original Message-----
From: Ball, Dan [mailto:DBall@xxxxxxxxxxx] 
Sent: Tuesday, May 10, 2005 9:07 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Non-SSL FBA

Are you speaking from recent experiences or is this just a handy
reminder?

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Sent: Tuesday, May 10, 2005 09:41
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Non-SSL FBA

One more thing: use SSL to SSL bridging, or the trojans running network
sniffers on your "secure" network will capture your credentials because
someone told you "SSL off-loading" was a good idea.  


Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls


-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Sent: Tuesday, May 10, 2005 8:36 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Non-SSL FBA

Hey folks,
 
Anybody here using forms-based auth on the ISA firewall and not using
SSL?
 
If you're using FBA or Basic auth without SSL, crater your network,
change your passwords, because you've been owned.
 
HTH, 
Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx


