• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 216
  • Last Modified:

Best way to block incoming connections using SBS2003 with ISA 2000

I am using Microsoft SBS 2003 Premium with ISA 2000. What is the best way to block incoming traffic to my network? I am receiving port scans from several Asia Pacific and Dutch networks, and would like to just drop the packets at the external interface.
0
MasPreguntas
Asked:
MasPreguntas
  • 2
1 Solution
 
GargantubrainCommented:
The best way is with a hardware firewall. This can be done inexpensively or expensively, depending on your needs and performance requirements.

With all of the new security holes discovered regularly, it is not worth the risk of having your server compromised, compared to the under $100 cost of putting a basic but quite capable router in as your firewall.

If you would like suggestions then you can check out a router such as the ever-popular Linksys WRT-54g (just leave the wireless disabled), which also has any number of alternate firmware choices depending on your needs. There is also higher end routing equipment such as the Cisco 1700 series routers. http://www.cisco.com/en/US/products/hw/routers/ps221/index.html

If you would like to detail the incoming and outgoing traffic needs (ports/services, type of Internet connection, bandwidth, VPN, IPSec, etc) then I could make a recommendation based on your requirements and your budget.
0
 
MasPreguntasAuthor Commented:
At this time, I would prefer to use ISA instead of a hardware solution. I have used packet filters on *nix in the past to block all traffic from specific IP's, however the PF rules on ISA do not seem to do anything for me.

What I really need is the proper syntax to set up a packet filter against specific incoming traffic.
0
 
GargantubrainCommented:
This page has some good information, including how to configure the SBS firewall using the Configure E-Mail and Internet Connection Wizard.

Look at the "Configuring the Basic Firewall section" including the figures for sample pictures.

http://www.win2000mag.com/Article/ArticleID/40830/40830.html

It is not difficult to find articles regarding the risks of exposing your server to the Internet without a properly configured firewall. It is better to start off by blocking everything and open one thing at a time, to ensure that nothing more than required has been opened up.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

On-Demand: Securing Your Wi-Fi for Summer Travel

Traveling this summer?Check out our on-demand webinar to learn about the importance of Wi-Fi security and 3 easy measures you can start taking immediately to protect your private data while using public Wi-Fi. Follow us today to learn more!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now