Re: IPSec for Packet Filtering
From: S. Pidgorny [MVP] (slavickp@yahoo.com)
Date: 03/08/03
- Next message: Michel Gallant \(MVP\): "Re: Administrator account"
- Previous message: Karl Levinson [x y] mvp: "Re: Administrator account"
- In reply to: Karl Levinson [x y] mvp: "Re: IPSec for Packet Filtering"
- Next in thread: Ray: "Re: IPSec for Packet Filtering"
- Reply: Ray: "Re: IPSec for Packet Filtering"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "S. Pidgorny [MVP]" <slavickp@yahoo.com> Date: Sat, 8 Mar 2003 12:16:41 +1100
Another thing theat IPsec filtering lacks is any protection against IP
spoofing.
-- Svyatoslav Pidgorny, MS MVP, MCSE -= F1 is the key =- "Karl Levinson [x y] mvp" <levinson_k@despammed.com> wrote in message news:uOo9wxQ5CHA.1732@TK2MSFTNGP12.phx.gbl... > Try the links listed here: > > http://securityadmin.info/faq.htm#ipsec > > Blocking just a few ports doesn't make for a very effective security > solution and doesn't make you very much more secure. You really want to > block ALL ports both incoming and outgoing, except for those you > specifically want or need to permit. IPSec filtering lacks logging and > alerting and intrusion detection, so if you are hacked, you won't have any > evidence there of who did it, or you suspect your filtering is blocking > something, it'll be difficult to determine which port if any needs to be > opened. Really, IPSec is OK if used in addition to a firewall, but is > probably not a good replacement for a firewall. There are even free > firewalls you can use, such as these: > > http://securityadmin.info/faq.htm#firewall > > > "Ray" <res0cu5i@verizon@net> wrote in message > news:ekNFAXM5CHA.1896@TK2MSFTNGP10.phx.gbl... > > I would like to use an IPSec Filter for packet filtering on an MS SQL > > server. I've created new filter to block 1433 & 1434 TCP/UDP traffic to > > this server (Source Ports are 1433 & 1434 while the Dest Ports are ANY). > > Under the Filter Action tab I've selected "Require Security - Block". > Since > > this (Require Security) is a radio button, does it matter what Filter > > Actions are selected for the "Request Security" & "Permit" options? > > I've looked through the ResKit but didn't find much info on using > IPSec > > for Packet Filtering, the same goes for TechNet. What are some good texts > > or links for this kind of info? > > Thanks in advance, > > Ray > > > > > > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.459 / Virus Database: 258 - Release Date: 2/25/2003 > >
- Next message: Michel Gallant \(MVP\): "Re: Administrator account"
- Previous message: Karl Levinson [x y] mvp: "Re: Administrator account"
- In reply to: Karl Levinson [x y] mvp: "Re: IPSec for Packet Filtering"
- Next in thread: Ray: "Re: IPSec for Packet Filtering"
- Reply: Ray: "Re: IPSec for Packet Filtering"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
