Hi Tom,
So far...
FTP yes
HTTP, telnet, terminal services no (but I may have goofed up something)
NetBIOS partial (still working on this)
Uh, is there an easy way to restart without logging in?
I'm still poking at it.
Thanks for the advice!
Dar

Hi Dar,
Interesting. I've noticed the same thing with pings, but I honestly didn't think about the implications. Can you create HTTP/FTP/SMTP/NetBIOS or any other session during this period?
Thanks!
Tom
-----Original Message-----
From: Dar Scott [mailto:dsc@xxxxxxxx]
Sent: Saturday, December 29, 2001 1:33 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Security hole at boot
For about 22 seconds at boot I can see ports on my external interface before the IP filter kicks in. I can ping the external interface from another computer during this time.
I'm assuming I'm doing something wrong concerning when services are started, but I'm at a loss. A search for boot at isaserver.org or in Shinder or Simmons got nowhere.
I haven't seen this at shutdown. I haven't tested this for boot after crash or power off.
Some of these ports I can shut off other ways (and normally have), but I expect a firewall to protect me from forgetting those things.
Dar Scott