Solved

Best way to block incoming connections using SBS2003 with ISA 2000

Posted on 2004-10-18
6
205 Views
Last Modified: 2013-12-04
I am using Microsoft SBS 2003 Premium with ISA 2000. What is the best way to block incoming traffic to my network? I am receiving port scans from several Asia Pacific and Dutch networks, and would like to just drop the packets at the external interface.
0
Comment
Question by:MasPreguntas
  • 2
6 Comments
 
LVL 3

Accepted Solution

by:
Gargantubrain earned 250 total points
ID: 12341406
The best way is with a hardware firewall. This can be done inexpensively or expensively, depending on your needs and performance requirements.

With all of the new security holes discovered regularly, it is not worth the risk of having your server compromised, compared to the under $100 cost of putting a basic but quite capable router in as your firewall.

If you would like suggestions then you can check out a router such as the ever-popular Linksys WRT-54g (just leave the wireless disabled), which also has any number of alternate firmware choices depending on your needs. There is also higher end routing equipment such as the Cisco 1700 series routers. http://www.cisco.com/en/US/products/hw/routers/ps221/index.html

If you would like to detail the incoming and outgoing traffic needs (ports/services, type of Internet connection, bandwidth, VPN, IPSec, etc) then I could make a recommendation based on your requirements and your budget.
0
 
LVL 1

Author Comment

by:MasPreguntas
ID: 12341835
At this time, I would prefer to use ISA instead of a hardware solution. I have used packet filters on *nix in the past to block all traffic from specific IP's, however the PF rules on ISA do not seem to do anything for me.

What I really need is the proper syntax to set up a packet filter against specific incoming traffic.
0
 
LVL 3

Expert Comment

by:Gargantubrain
ID: 12342709
This page has some good information, including how to configure the SBS firewall using the Configure E-Mail and Internet Connection Wizard.

Look at the "Configuring the Basic Firewall section" including the figures for sample pictures.

http://www.win2000mag.com/Article/ArticleID/40830/40830.html

It is not difficult to find articles regarding the risks of exposing your server to the Internet without a properly configured firewall. It is better to start off by blocking everything and open one thing at a time, to ensure that nothing more than required has been opened up.
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question