RE: Why can internal PC see open ports?

  • From: "Gary Anderson" <gary.anderson@xxxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Thu, 24 Jan 2002 13:52:01 +0100

Protocol: Any
Direction: Both

Why would you not expect to see open ports?  ISA is letting everything
through to your public IP PC.  If the ports are not closed on it and they
are not filtered on ISA, then nmap -sA will find them (at least, the TCP
ones).

You need to do at least one of three things:

1) Filter the ports on ISA
2) Filter the ports on the Public IP PC
3) Stop the services on the Public IP PC that are opening unwanted ports.

I would recommend doing all three.

-----Original Message-----
From: Nigel Carroll [mailto:nigel@xxxxxxxxxxxxxxx]
Sent: Thursday, January 24, 2002 09:46
To: [ISAserver.org Discussion List]
Subject: [isalist] Why can internal PC see open ports?


When running a scan against my ISA server's Public IP FROM PC (see
below) it reports that various ports are open which I'd expect to be
closed.
This is not what I expected as I'd like PC to be treated as potentially
hostile and don't want it to have access to ANY ports.
Could anyone tell me what I may have wrong with my configuration - see
below:
Thanks
Nigel

Internet
|
|
External NIC (Public IP in Subnet1)
ISA Server
Internal NIC (Multihomed with 1 private & 1 PUBLIC IP in Subnet2)
|       \
|        \
|         \
LAN     PC (PUBLIC IP in Subnet2)

To enable internet access to the PC I have created a packet filter as
follows:
Protocol: Any
Direction: Both
Local computer: This computer (on the perimeter network) - and entered
PC's public IP
In order to get traffic through I found I also had to enable a protocol
filter that allows everything, but I restricted it to PC's public IP.


