Solved

Best way to block incoming connections using SBS2003 with ISA 2000

Posted on 2004-10-18
6
202 Views
Last Modified: 2013-12-04
I am using Microsoft SBS 2003 Premium with ISA 2000. What is the best way to block incoming traffic to my network? I am receiving port scans from several Asia Pacific and Dutch networks, and would like to just drop the packets at the external interface.
0
Comment
Question by:MasPreguntas
  • 2
6 Comments
 
LVL 3

Accepted Solution

by:
Gargantubrain earned 250 total points
ID: 12341406
The best way is with a hardware firewall. This can be done inexpensively or expensively, depending on your needs and performance requirements.

With all of the new security holes discovered regularly, it is not worth the risk of having your server compromised, compared to the under $100 cost of putting a basic but quite capable router in as your firewall.

If you would like suggestions then you can check out a router such as the ever-popular Linksys WRT-54g (just leave the wireless disabled), which also has any number of alternate firmware choices depending on your needs. There is also higher end routing equipment such as the Cisco 1700 series routers. http://www.cisco.com/en/US/products/hw/routers/ps221/index.html

If you would like to detail the incoming and outgoing traffic needs (ports/services, type of Internet connection, bandwidth, VPN, IPSec, etc) then I could make a recommendation based on your requirements and your budget.
0
 
LVL 1

Author Comment

by:MasPreguntas
ID: 12341835
At this time, I would prefer to use ISA instead of a hardware solution. I have used packet filters on *nix in the past to block all traffic from specific IP's, however the PF rules on ISA do not seem to do anything for me.

What I really need is the proper syntax to set up a packet filter against specific incoming traffic.
0
 
LVL 3

Expert Comment

by:Gargantubrain
ID: 12342709
This page has some good information, including how to configure the SBS firewall using the Configure E-Mail and Internet Connection Wizard.

Look at the "Configuring the Basic Firewall section" including the figures for sample pictures.

http://www.win2000mag.com/Article/ArticleID/40830/40830.html

It is not difficult to find articles regarding the risks of exposing your server to the Internet without a properly configured firewall. It is better to start off by blocking everything and open one thing at a time, to ensure that nothing more than required has been opened up.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now