Improve company productivity with a Business Account.Sign Up

x
?
Solved

Best way to block incoming connections using SBS2003 with ISA 2000

Posted on 2004-10-18
6
Medium Priority
?
213 Views
Last Modified: 2013-12-04
I am using Microsoft SBS 2003 Premium with ISA 2000. What is the best way to block incoming traffic to my network? I am receiving port scans from several Asia Pacific and Dutch networks, and would like to just drop the packets at the external interface.
0
Comment
Question by:MasPreguntas
  • 2
3 Comments
 
LVL 3

Accepted Solution

by:
Gargantubrain earned 1000 total points
ID: 12341406
The best way is with a hardware firewall. This can be done inexpensively or expensively, depending on your needs and performance requirements.

With all of the new security holes discovered regularly, it is not worth the risk of having your server compromised, compared to the under $100 cost of putting a basic but quite capable router in as your firewall.

If you would like suggestions then you can check out a router such as the ever-popular Linksys WRT-54g (just leave the wireless disabled), which also has any number of alternate firmware choices depending on your needs. There is also higher end routing equipment such as the Cisco 1700 series routers. http://www.cisco.com/en/US/products/hw/routers/ps221/index.html

If you would like to detail the incoming and outgoing traffic needs (ports/services, type of Internet connection, bandwidth, VPN, IPSec, etc) then I could make a recommendation based on your requirements and your budget.
0
 
LVL 1

Author Comment

by:MasPreguntas
ID: 12341835
At this time, I would prefer to use ISA instead of a hardware solution. I have used packet filters on *nix in the past to block all traffic from specific IP's, however the PF rules on ISA do not seem to do anything for me.

What I really need is the proper syntax to set up a packet filter against specific incoming traffic.
0
 
LVL 3

Expert Comment

by:Gargantubrain
ID: 12342709
This page has some good information, including how to configure the SBS firewall using the Configure E-Mail and Internet Connection Wizard.

Look at the "Configuring the Basic Firewall section" including the figures for sample pictures.

http://www.win2000mag.com/Article/ArticleID/40830/40830.html

It is not difficult to find articles regarding the risks of exposing your server to the Internet without a properly configured firewall. It is better to start off by blocking everything and open one thing at a time, to ensure that nothing more than required has been opened up.
0

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
OfficeMate Freezes on login or does not load after login credentials are input.
Watch the video to know the simple way to remove or recover or reset lost or forgotten passwords of Outlook PST file. With Kernel Outlook Password Recovery tool such operation is very easy to perform. It is a freeware with limitation to use with 500…
To export Lotus Notes to Outlook PST or Exchange and Domino Server files to Exchange Server or PST files with ease, go for Kernel for Lotus Notes to Outlook conversion tool. Through the video, you can watch the conversion process. A common user with…

584 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question