?
Solved

ISA logging to MSDE security

Posted on 2006-10-21
5
Medium Priority
?
279 Views
Last Modified: 2013-11-16
I've been scouring the internet for an answer to this question but can't seem to find one, so I hope someone here can help. I have an ISA 2004 installation logging to a MSDE DB. This DB has 3 security accounts associated with it, BuiltIn\Administrators, NT Authoriy\Network Service and SA. I use MOM 2005 on my network and noticed an event stating that one of these accounts has a NULL or weak password. My guess is that it is talking about the SA account.

I do not remember what the password was for the SA account but my guess is that it is NULL by default and that ISA is using it for logging. I may be wrong but it's my best educated guess due to the fact that SQL liked using blank SA passwords by default and I'm usually very good about recording passwords and I can't believe I missed this one.

If I change the SA password to something complex, how do I configure ISA to use it? Does ISA 2004 even use the SA account? Could it be disabled safely?
0
Comment
Question by:mascoloj
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
5 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 2000 total points
ID: 17782945
By default ISA has its own mechanisms when using msde and built-in controls stop the ISA msde databse being contacted from anywhere except from the isa server itsself. This is referenced in the ISA manual. The fact you are running MOM against the database at all suggests you have amended this setting and turned on the remote monitoring & logging option within the ISA System policy. You are correct; by default, the password is blank.

http://www.microsoft.com/technet/isa/2004/plan/securityhardeningguide.mspx
This is a very good link in respect to hardening the isa2004 server just for your info.

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q322336
This is useful as it explains how to change the msde password

http://forums.isaserver.org/m_190092100/tm.htm
A link to others who have had a similar requirement

Regards
Keith


0
 

Author Comment

by:mascoloj
ID: 17784092
Hey Keith,
Thanks for getting back to me. I will look over the links and let you know what happens. Just to clearify one thing though, I have MOM installed on the same server as ISA. Because of the environment I have and the way it was built - pre me, ISA is being used more as a way of restricting internet use and reporting on it with the benefit of an additional inspection of the traffic flowing through it. It is a redundant firewall at best with a primary firewall at the edge of my network.

Thanks again,
Mas
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17784104
No probs. Will wait to hear from you :)
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17828113
Any update?
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17932205
Thank you :)
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question