Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

ISA logging to MSDE security

Posted on 2006-10-21
5
Medium Priority
?
283 Views
Last Modified: 2013-11-16
I've been scouring the internet for an answer to this question but can't seem to find one, so I hope someone here can help. I have an ISA 2004 installation logging to a MSDE DB. This DB has 3 security accounts associated with it, BuiltIn\Administrators, NT Authoriy\Network Service and SA. I use MOM 2005 on my network and noticed an event stating that one of these accounts has a NULL or weak password. My guess is that it is talking about the SA account.

I do not remember what the password was for the SA account but my guess is that it is NULL by default and that ISA is using it for logging. I may be wrong but it's my best educated guess due to the fact that SQL liked using blank SA passwords by default and I'm usually very good about recording passwords and I can't believe I missed this one.

If I change the SA password to something complex, how do I configure ISA to use it? Does ISA 2004 even use the SA account? Could it be disabled safely?
0
Comment
Question by:mascoloj
  • 4
5 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 2000 total points
ID: 17782945
By default ISA has its own mechanisms when using msde and built-in controls stop the ISA msde databse being contacted from anywhere except from the isa server itsself. This is referenced in the ISA manual. The fact you are running MOM against the database at all suggests you have amended this setting and turned on the remote monitoring & logging option within the ISA System policy. You are correct; by default, the password is blank.

http://www.microsoft.com/technet/isa/2004/plan/securityhardeningguide.mspx
This is a very good link in respect to hardening the isa2004 server just for your info.

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q322336
This is useful as it explains how to change the msde password

http://forums.isaserver.org/m_190092100/tm.htm
A link to others who have had a similar requirement

Regards
Keith


0
 

Author Comment

by:mascoloj
ID: 17784092
Hey Keith,
Thanks for getting back to me. I will look over the links and let you know what happens. Just to clearify one thing though, I have MOM installed on the same server as ISA. Because of the environment I have and the way it was built - pre me, ISA is being used more as a way of restricting internet use and reporting on it with the benefit of an additional inspection of the traffic flowing through it. It is a redundant firewall at best with a primary firewall at the edge of my network.

Thanks again,
Mas
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17784104
No probs. Will wait to hear from you :)
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17828113
Any update?
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17932205
Thank you :)
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
The Relationships Diagram is a good way to get an overall view of what a database is keeping track of. It is also where relationships are defined. A relationship specifies how two tables connect to each other. As you build tables in Microsoft Ac…
Suggested Courses
Course of the Month11 days, 18 hours left to enroll

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question