Improve company productivity with a Business Account.Sign Up

x
?
Solved

Block inbound traffic from specific IP address

Posted on 2007-11-16
5
Medium Priority
?
2,779 Views
Last Modified: 2011-08-18
Does anyone know an easy way to block certain external IP address from reaching an ISA server 2004 on SBS system? I keep getting port scanned from a bunch of IP's which ISA reports to me, but I can't completely block the IP's from accessing my ISA server. I know that other firewalls have an access list that I can manually add IP's from reaching my network. Any suggestions would be greatly appreciated.

-Todd
0
Comment
Question by:computersights
  • 2
4 Comments
 
LVL 18

Expert Comment

by:Don S.
ID: 20299819
ISA is your firewal and is reporting that is blocking the offending parties.  If you don't want ISA to see that traffic, you must block it up stream from the ISA server - at the router or your ISP.
0
 

Author Comment

by:computersights
ID: 20299856
I know that I could block it upstream (assuming my router supports it-which it doesn't) but shouldn't I also be able to block it at the ISA? For instance - over the last hour, every 2 minutes I get an IDS message - shouldn't ISA block and deny any further access from an offending external IP?
0
 
LVL 18

Accepted Solution

by:
Don S. earned 200 total points
ID: 20300063
Thats exactly what ISA is doing.  It's just telling you that it's doing it.  It's the same thing as if you were looking at the syslog on any other firewall - it would be logging the fact that it blocked a scan or attack.  There is no way to stop an attacker from banging up against your firewall unless you block them further upstream.
0
 
LVL 1

Expert Comment

by:Computer101
ID: 20699006
Forced accept.

Computer101
EE Admin
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

In all versions of ISA Server and the current version of FTMG, the default https protocol uses TCP port 443 and 563 only. This cannot be changed within the ISA or FTMG GUI and must be completed from a Windows cmd prompt on the ISA Server itself. …
Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
Watch the video of Kernel Migrator for SharePoint, which demonstrate the process easily of migration from SharePoint to SharePoint, OneDrive for Business & Google Drive servers, Public Folder to SharePoint, File Server to SharePoint. The tool has va…
Watch the video to know the simple way to remove or recover or reset lost or forgotten passwords of Outlook PST file. With Kernel Outlook Password Recovery tool such operation is very easy to perform. It is a freeware with limitation to use with 500…

606 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question