Solved

Block inbound traffic from specific IP address

Posted on 2007-11-16
5
2,736 Views
Last Modified: 2011-08-18
Does anyone know an easy way to block certain external IP address from reaching an ISA server 2004 on SBS system? I keep getting port scanned from a bunch of IP's which ISA reports to me, but I can't completely block the IP's from accessing my ISA server. I know that other firewalls have an access list that I can manually add IP's from reaching my network. Any suggestions would be greatly appreciated.

-Todd
0
Comment
Question by:computersights
  • 2
5 Comments
 
LVL 18

Expert Comment

by:Don S.
ID: 20299819
ISA is your firewal and is reporting that is blocking the offending parties.  If you don't want ISA to see that traffic, you must block it up stream from the ISA server - at the router or your ISP.
0
 

Author Comment

by:computersights
ID: 20299856
I know that I could block it upstream (assuming my router supports it-which it doesn't) but shouldn't I also be able to block it at the ISA? For instance - over the last hour, every 2 minutes I get an IDS message - shouldn't ISA block and deny any further access from an offending external IP?
0
 
LVL 18

Accepted Solution

by:
Don S. earned 50 total points
ID: 20300063
Thats exactly what ISA is doing.  It's just telling you that it's doing it.  It's the same thing as if you were looking at the syslog on any other firewall - it would be logging the fact that it blocked a scan or attack.  There is no way to stop an attacker from banging up against your firewall unless you block them further upstream.
0
 
LVL 1

Expert Comment

by:Computer101
ID: 20699006
Forced accept.

Computer101
EE Admin
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft's ISA Server has been its pre-eminent security product for about a decade and is still regarded amongst the well-informed as one of the best software firewalls and application gateways ever released, by any manufacturer. ISA Server has bee…
Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now