Security Basics mailing list archives
RE: ISA 2004
From: "Mark Johnston" <mark.johnston () bluesq com>
Date: Wed, 13 Oct 2004 16:45:07 +0100
Hi Keith, Just a note beforehand .... is the web server that you have installed on your machine public facing ? If so you'r really pushing your luck by installing it on there, and should be moved to another server. By running it on there you are creating more holes, which if exploited gives an attacker access to your firewall. To answer your other question about log analysis, you should have a look at ethereal (for windows) or windump (win version of tcpdump). These tools will allow you to capture all traffic coming in and out your server. You can then use filters to extract exactly what you are looking for. Cheers Mark -----Original Message----- From: Keith Bucknall [mailto:keith.bucknall () zen co uk] Sent: 09 October 2004 16:52 To: security-basics () securityfocus com Subject: ISA 2004 Dear all, I think this mailing list is great, only been on here for a week but have gathered a lot of information, I guess this is my turn now. Recently we have installed ISA 2004 as our Web, Firewall and VPN server already we have had loads of problems with it, but I was wondering if there is some log analyzers that could pull the outbound and inbound traffic so I can actually see what is going through, getting blocked etc.. I would also welcome any comments you have on ISA 2004. Kind Regards Keith Bucknall Network Administrator MCSE:security, MCSA 2003, MCP, A+, N+, Sec+ ********************************************************************** This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. It may not be used or disclosed except for the purpose for which it has been sent. If you have received this e-mail in error please notify the system administrator postmaster () bluesq com quoting the senders address. If you are not the intended recipient you must not use, disclose, distribute, copy, print or rely on this e-mail and must delete the message and any documents. Please advise immediately if you or your employer do not consent to Internet e-mail for messages of this kind. Unless expressly stated, opinions in this message are those of the individual sender and not of Blue Square. Blue Square accepts no liability or responsibility for any onward transmission or use of e-mails and attachment having left the Blue Square domain. This footnote also confirms that this e-mail message has been swept by MIMEsweeper for the presence of computer viruses. Whilst we have taken reasonable precautions to ensure that this e-mail and any attachments have been swept for viruses, we cannot accept liability for any damage sustained as a result of software viruses and would advise that you carry out your own virus checks before opening any attachment. www.bluesq.com **********************************************************************
Current thread:
- ISA 2004 Keith Bucknall (Oct 12)
- RE: ISA 2004 Sarbjit Singh Gill (Oct 13)
- <Possible follow-ups>
- RE: ISA 2004 Mark Johnston (Oct 13)