Solved

Block inbound traffic from specific IP address

Posted on 2007-11-16
5
2,739 Views
Last Modified: 2011-08-18
Does anyone know an easy way to block certain external IP address from reaching an ISA server 2004 on SBS system? I keep getting port scanned from a bunch of IP's which ISA reports to me, but I can't completely block the IP's from accessing my ISA server. I know that other firewalls have an access list that I can manually add IP's from reaching my network. Any suggestions would be greatly appreciated.

-Todd
0
Comment
Question by:computersights
  • 2
5 Comments
 
LVL 18

Expert Comment

by:Don S.
ID: 20299819
ISA is your firewal and is reporting that is blocking the offending parties.  If you don't want ISA to see that traffic, you must block it up stream from the ISA server - at the router or your ISP.
0
 

Author Comment

by:computersights
ID: 20299856
I know that I could block it upstream (assuming my router supports it-which it doesn't) but shouldn't I also be able to block it at the ISA? For instance - over the last hour, every 2 minutes I get an IDS message - shouldn't ISA block and deny any further access from an offending external IP?
0
 
LVL 18

Accepted Solution

by:
Don S. earned 50 total points
ID: 20300063
Thats exactly what ISA is doing.  It's just telling you that it's doing it.  It's the same thing as if you were looking at the syslog on any other firewall - it would be logging the fact that it blocked a scan or attack.  There is no way to stop an attacker from banging up against your firewall unless you block them further upstream.
0
 
LVL 1

Expert Comment

by:Computer101
ID: 20699006
Forced accept.

Computer101
EE Admin
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Forefront Threat Management Gateway 2010 or FTMG comes with some very neat troubleshooting tools built-in when trying to identify what is actually happening behind the scenes within the product when traffic is passing through its interfaces. To the …
So the following errors occurs in 2 ways that I am aware of at this stage, and you receive one of the following error messages: ERROR 1. When trying to save a rule: No Web listener is specified for the Web publishing rule Autodiscovery Publishin…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question