Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2775
  • Last Modified:

Block inbound traffic from specific IP address

Does anyone know an easy way to block certain external IP address from reaching an ISA server 2004 on SBS system? I keep getting port scanned from a bunch of IP's which ISA reports to me, but I can't completely block the IP's from accessing my ISA server. I know that other firewalls have an access list that I can manually add IP's from reaching my network. Any suggestions would be greatly appreciated.

-Todd
0
computersights
Asked:
computersights
  • 2
1 Solution
 
Don S.Commented:
ISA is your firewal and is reporting that is blocking the offending parties.  If you don't want ISA to see that traffic, you must block it up stream from the ISA server - at the router or your ISP.
0
 
computersightsAuthor Commented:
I know that I could block it upstream (assuming my router supports it-which it doesn't) but shouldn't I also be able to block it at the ISA? For instance - over the last hour, every 2 minutes I get an IDS message - shouldn't ISA block and deny any further access from an offending external IP?
0
 
Don S.Commented:
Thats exactly what ISA is doing.  It's just telling you that it's doing it.  It's the same thing as if you were looking at the syslog on any other firewall - it would be logging the fact that it blocked a scan or attack.  There is no way to stop an attacker from banging up against your firewall unless you block them further upstream.
0
 
Computer101Commented:
Forced accept.

Computer101
EE Admin
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now