RE: Port Blocking - for better security

  • From: Cornerstone Christian School <ccschooltech@xxxxxxx>
  • To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 08 May 2002 09:12:20 -0700

Thank you for the replies. My next question would be what about being
able to Terminal Service in? Would this not disable this?? 

Sorry for the newbie type questions...

S Ryall

-----Original Message-----
From: Shane Mullins [mailto:tsmullins@xxxxxxxxxxxxxx] 
Sent: Wednesday, May 08, 2002 7:12 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Port Blocking - for better security

http://www.ISAserver.org


Matt suggestion to turn off the services is very good.  Also use packet
filtering.  Go to Access control, then packet filering,  disable all
unnecessary ports, enable the ones you need.  This should work fine.  If
your company has many "edge" servers you may want to investigate a
hardware
based firewall.  Also you can configure your router to help keep people
out.

Shane




----- Original Message -----
From: "Walkowiak, Matt" <Matt.Walkowiak@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Wednesday, May 08, 2002 9:45 AM
Subject: [isalist] RE: Port Blocking - for better security


> http://www.ISAserver.org
>
>
> Hrmmm... You have an ISA server that is responding to ports you don't
> want it to, and you want to use ISA to block it - this sounds like you
> are trying to secure your ISA server...
> Better way to keep your server from responding to certain ports is to
> turn the service off that has the port open.  Try turning off the
> Microsoft Client and File/Printer sharing on the external NIC.  If you
> do that, make sure the internal NIC (the one with the Microsoft Client
> still enabled) is bound first (start --> settings --> Control Panel
-->
> Network and Dialup --> Advanced --> Advanced settings)
> As far as actually blocking a whole set of ports at once?  No clue...
> Sorry.
>
> Matt
>
>
> -----Original Message-----
> From: Cornerstone Christian School [mailto:ccschooltech@xxxxxxx]
> Sent: Tuesday, May 07, 2002 4:40 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Port Blocking
>
> http://www.ISAserver.org
>
>
> Is there a way to block a whole wack load of ports instead of one at a
> time? I have some some sniffing and found that I have a few ports
> open...
>
> TIA
>
> S Ryall
>
>
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> matt.walkowiak@xxxxxxxxxxxx
> To unsubscribe send a blank email to
$subst('Email.Unsub')
>
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
tsmullins@xxxxxxxxxxxxxx
> To unsubscribe send a blank email to
$subst('Email.Unsub')
>
>


------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
ccschooltech@xxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')



Other related posts: