Solved

Block inbound traffic from specific IP address

Posted on 2007-11-16
5
2,754 Views
Last Modified: 2011-08-18
Does anyone know an easy way to block certain external IP address from reaching an ISA server 2004 on SBS system? I keep getting port scanned from a bunch of IP's which ISA reports to me, but I can't completely block the IP's from accessing my ISA server. I know that other firewalls have an access list that I can manually add IP's from reaching my network. Any suggestions would be greatly appreciated.

-Todd
0
Comment
Question by:computersights
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 18

Expert Comment

by:Don S.
ID: 20299819
ISA is your firewal and is reporting that is blocking the offending parties.  If you don't want ISA to see that traffic, you must block it up stream from the ISA server - at the router or your ISP.
0
 

Author Comment

by:computersights
ID: 20299856
I know that I could block it upstream (assuming my router supports it-which it doesn't) but shouldn't I also be able to block it at the ISA? For instance - over the last hour, every 2 minutes I get an IDS message - shouldn't ISA block and deny any further access from an offending external IP?
0
 
LVL 18

Accepted Solution

by:
Don S. earned 50 total points
ID: 20300063
Thats exactly what ISA is doing.  It's just telling you that it's doing it.  It's the same thing as if you were looking at the syslog on any other firewall - it would be logging the fact that it blocked a scan or attack.  There is no way to stop an attacker from banging up against your firewall unless you block them further upstream.
0
 
LVL 1

Expert Comment

by:Computer101
ID: 20699006
Forced accept.

Computer101
EE Admin
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have been asked to explain on many, many occasions the correct way to setup network cards and DNS settings on ISA Server 2004, 2006 and forefront Threat management gateway (FTMG) and have willing done so. I have also promised my self everytime tha…
Forefront is the brand name for Microsoft's major security product. Forefront covers a number of specific security areas and has 'swallowed' a number of applications under this umbrella including Antigen, ISA Server, the Integrated Access Gateway (t…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question