Re: Something about ISA Server 2000...

From: Laura A. Robinson (larobins@bellatlantic.net)
Date: 10/26/01


Message-ID: <01fc01c15dad$2fcbdf20$0b00010a@lauradominion.com>
From: "Laura A. Robinson" <larobins@bellatlantic.net>
To: "Jim Harrison (SPG)" <jmharr@microsoft.com>, "Los, Ralph" <rlos@EnvestNet.com>, "Progenit Service S.r.l." <agente_progenit@public.iunet.it>, <focus-ms@securityfocus.com>
Subject: Re: Something about ISA Server 2000...
Date: Thu, 25 Oct 2001 19:31:27 -0400

Agreed, bad wording on my part. IIRC, the vulnerabilities were only a memory
leak problem and a DOS vulnerability, weren't they? Or were there
vulnerabilities that did allow passage through ISA to the internal network?
(ISA isn't one of my focus areas)

With that said, anybody who thinks a firewall can truly protect a network
from compromise is sorely mistaken. :-) For those who might be interested in
what I mean, I'd strongly recommend taking courses offered by Real World
Security ( http://www.realworldsecurity.com ). I don't think they've yet
made all of the information about their courses available on their web site,
but I was fortunate enough to get to see them in action (they show you the
cracker's mentality and toolkit, not just the network admin's approach) and
I can assure anybody that all a firewall does against a dedicated cracker is
to *potentially* lengthen the amount of time it takes to compromise a
network.

Laura Robinson
MCSE (NT/W2K), MCT, CLI, PCLP ;-)

----- Original Message -----
From: "Jim Harrison (SPG)" <jmharr@microsoft.com>
To: "Laura A. Robinson" <larobins@bellatlantic.net>; "Los, Ralph"
<rlos@EnvestNet.com>; "Progenit Service S.r.l."
<agente_progenit@public.iunet.it>; <focus-ms@securityfocus.com>
Sent: Thursday, October 25, 2001 7:05 PM
Subject: RE: Something about ISA Server 2000...

I have to correct that statement; there have been vulnerabilities in ISA
and they've been patched as they've been discovered. The Microsoft
download and security sites are good places to keep up to date on those
things.

* Jim Harrison
MCP(NT4, 2K), A+, Network+

-----Original Message-----
From: Laura A. Robinson [mailto:larobins@bellatlantic.net]
Sent: Thursday, October 25, 2001 14:23
To: Los, Ralph; 'Progenit Service S.r.l.'; focus-ms@securityfocus.com
Subject: Re: Something about ISA Server 2000...

Just as an FYI, while there are several known hacks against Checkpoint's
Firewall-1, there are (as of yet) no known vulnerabilities in ISA. With
that said, it can be a bit of a pain to work with.

Laura
----- Original Message -----
From: "Los, Ralph" <rlos@EnvestNet.com>
To: "'Progenit Service S.r.l.'" <agente_progenit@public.iunet.it>;
<focus-ms@securityfocus.com>
Sent: Thursday, October 25, 2001 11:56 AM
Subject: RE: Something about ISA Server 2000...

> Giancarlo,
>
> Unfortunately, yes I have both experience and opinion. I started to
> play around with ISA 2000 a while ago, and now I run 3 CheckPoint
> FW-1's. Nothing beats a CheckPoint, in my book, BUT, Netscreen is a
> great little box, and Watchguard is worth the price as well for
> smaller offices.
>
> I'd stay away from ISA as a firewall, trust me, it's not something you
> want to have to deal with...<shudder>....and I'm a Microsoft fan.
>
> Regards
>
> Ralph M. Los
> Asst. Vice-President, Internet Systems and Security EnvestnetPMC
> rlos@envestnet.com
> (312) 827-3945 (direct)
> (312) 296-9003 (wireless w/voicemail)
> * If you haven't been hacked, you don't know where your
> vulnerabilities lie*
>
>
> -----Original Message-----
> From: Progenit Service S.r.l. [mailto:agente_progenit@public.iunet.it]
> Sent: Thursday, October 25, 2001 5:10 AM
> To: focus-ms@securityfocus.com
> Subject: Something about ISA Server 2000...
>
>
> Hi all,
>
> has someone an opinion (good or bad....) concerning ISA Server 2000
> installed as firewall? How many differences are among this software
> solution from Microsoft and Check Point Firewall-1, Netscreen 10/100,
> Watchguard or Cisco PIX?
>
> Any help would be appreciated.
>
> Thanks
>
> ---------------------------------------------------------------
> Giancarlo Ballestracci
> Technical Support
> Progenit Service S.r.l. Agenzia TENOVIS-NEWTEL Telecommunications -
> Information Security - New Technologies Tel 055-456336 Fax 055-452330
> ---------------------------------------------------------------


