Link to home
Start Free TrialLog in
Avatar of camoIT
camoITFlag for Canada

asked on

Setting up ISA server or Forefront for Home

I noticed the other night on my Broadband Internet connection modem there was a lot of traffic.

No one was downloading or surfing. I have a Linux server on the network that displayed almost every second there were attacks from different usernames trying to get on my FTP server. i.e. Adam, Joe, John...from random IP's  (I only use my FTP server for me)
In speaking to someone they recommended ISA server... Can someone help me setup so its in front on my wireless router?
I have built a windows 2003 server with ISA installed...
If there is another solution please tell me...I have access to servers, desktops, and Enterprise Libraries.
Avatar of Suliman Abu Kharroub
Suliman Abu Kharroub
Flag of Jordan image

First of all I would suggest to change the password to something very complex.

Install ISA server, then create publish rule to publish th FTP site.

ISA/TMG is not going to help anything with that.

They are not technically attacks,...they are login attempts.  Yes they may have negative intentions,...but from a technical perspective they are nothing more than login attempts.   Log in attempts are just going to keep trying to login because that is what login attempts do.  

When ISA/TMG Published an FTP Service it is nothing more than a typical Reverse-NAT.  So all it does is pass the connection back tot he FTP Server,...everything else from that point depends on the FTP Server which is no different than what you already are doing.

So you only protection is complex passwords,...nothing will change that.

If you are always connecting to the FTP Server yourself from the same IP# then you can restrict the connections to that particular source IP#,...but I seriously doubt you are always connecting to it yourself from the same IP.  If you are then ISA can do that,...but some can dozens of other cheaper solutions, you actually have $6000.00 to $10,000.00 to spend on a properly built ISA/TMG Server to protect a simple FTP Server?

What the heck is an Enterprise Library?
I really wish this site had an Edit feature so we can go back and fix the typos!!!
Avatar of camoIT


I really wish that some of the more experienced people on here would take a second and realize that their High Horse responses only accomplish 2 things:
1. Less comments and Questions posted on this site.
2. Another person without a general understanding  and/ or still without answers.

First of all...A colleague of mine had ISA server installed at home which he claimed "Protected him very well from spamming and intrusion prevention. My experience is..I had an Nokia Checkpoint Firewall in place - but the license has now expired.  I am back to Linksys and DD-WRT FW.
Enterprise License where I am employed let me use the EA agreement to download ISA/ Forefront for personal use.

The conclusion is - I wanted to know how to install it (Not just for FTP) to have better protection at home...or if I should even bother.

One very major protection for an FTP Server is to make sure the "FTP Site" location is on a dedicated Drive Partition.  Then if it gets hacked and they create a gazzillion folders with illegal names that you can't delete (this is the most common thing that happens) you can simply reformat the partition and restore the data back again.  I have fixed hacked FTP Servers that were properly prepared this way in less than 30 minutes before.

But if you screw up and put the FTP Sites in the same partition as the OS then you have to format and reload the entire server from scratch or do a "bare-metal" restore from a full backup.
I'm not on a High Horse.

But I have been working with ISA/TMG for 12 years.  I am not going to mislead you and am going to be completely honest with as I am with everyone else.  I am also forced to make assumptions about the situation based on what you asked,....and you  only asked about the FTP Server.

If you want to use ISA/TMG for its designed purpose of being a Corporate Enterprise Firewall, then it is a great product and will serve you well.  I consider it to be the best firewall and the most secure firewall on the market.  However it is also expensive,...and is designed to run on Server hardware that typically may cost somewhere around $6000.00 depending on exactly what you buy.  I don't like to see people over-buying for their needs and getting products that may be too big and require too much expertise to operate,...or worse yet simply does not do what they actually thought it would do when they bought it.
Personally I think it is way too complex for home use.   Parts of it just don't even work without a regular Active Directory Domain deployed on a separate server.
Avatar of camoIT


I have a server that hosts many services called a QNAP I am running the 539pro)

This NAS/Server shows me log on attempts and online users.The FTP is only an example of the attempts made into the box.
In your last response - I would like to explain that with some acquisitions the company has made, I have been offered many different DELL Power Edge Servers, with many configurations.
My intentions were this: 2 year old server - Free along with necessary software - Free...

Could we make something happen a little bit better??

When I had the Checkpoint firewall in place - I used to watch over 10k attempts/ spam / garbage denied per day.

I know your stand point is "its truely overkill" but my concern is my QNAP which hosts all my content, photos, music, documents.....

Should I or shouldn't I
Avatar of pwindell
Flag of United States of America image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Guys,...let's get an edit feature so we can fix typos in the posts.  Sometimes the typos are so bad I can barely understand what I was saying,..and I wrote it.  Trying to type posts in Word or something else with a grammar checker to clean it up is a lot of hassle.
Avatar of camoIT


thanks for the help!