Security Basics mailing list archives
RE: Microsoft ISA Server Vulnerabilities
From: "David Sommers" <dsommers () dialogmedical com>
Date: Fri, 18 Oct 2002 10:35:35 -0400
I also doubt you have all ports over 1023 open. You would have to create an IP Packet Filter to allow TCP ports over 1023, and these ports are only open to the designated Local Computer. So if you need an application to run that requires the above ports, place it on the DMZ and designate only that computer as "Local computer". If you have a B2B application and you know the IP of the remote computer, put that IP address under "Remote computer". It would be hard for you to use Server Publishing to open the ports, because you'd have to create a sperate Protocol Definition for each port and that would take forever. You can view which ports are "acutally" open on your ISA system by using the command "netstat -na" David Sommers. -----Original Message----- From: Chris Berry [mailto:compjma () hotmail com] Sent: Thursday, October 17, 2002 3:46 PM To: security-basics () securityfocus com Subject: Re: Microsoft ISA Server Vulnerabilities
From: "Naman Latif" <naman.latif () inamed com> We recently started using Microsoft ISA Server as our Proxy Server. Currently in the test phase, we have Ports >1023 open access from Outside. Are there any specific ports that should be blocked in reference to known Vulnerabilities of ISA Server ?
Just as standard practice, you should block all ports, then allow only those which are required to run your software. Chris Berry compjma () hotmail com Systems Administrator JM Associates "I have found the way, and the way is Perl." _________________________________________________________________ Get a speedy connection with MSN Broadband. Join now! http://resourcecenter.msn.com/access/plans/freeactivation.asp
Current thread:
- Microsoft ISA Server Vulnerabilities Naman Latif (Oct 17)
- <Possible follow-ups>
- Re: Microsoft ISA Server Vulnerabilities Chris Berry (Oct 17)
- RE: Microsoft ISA Server Vulnerabilities David Sommers (Oct 18)