Re: IP security policy: blocking access
From: x y (jamescagney90210@excite.com)
Date: 07/16/02
- Next message: Intermedia.NET Support \(DS\): "Re: Lock Up"
- Previous message: x y: "Re: \winnt\system32"
- In reply to: Pat: "IP security policy: blocking access"
- Next in thread: Pat: "Re: IP security policy: blocking access"
- Reply: Pat: "Re: IP security policy: blocking access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "x y" <jamescagney90210@excite.com> Date: Tue, 16 Jul 2002 07:26:20 -0400
Windows 2000 IPsec packet filtering does not have logging, which is
absolutely essential. You need a firewall software or hardware that logs
blocked packets, so you can 1) troubleshoot problems and 2) detect
intrusions. Sygate firewall is a free or inexpensive way to do this. Note
that any software solution for blocking packets, including IPsec, can
theoretically be bypassed or disabled by malicious code like trojans.
"Pat" <nobody@nowhere.com> wrote in message
news:uOITw6$KCHA.1608@tkmsftngp09...
> I am trying to block access to a FTP server in the DMZ. No other server in
> the DMZ should be able to access this specific server. On the other hand,
> this server should be able to access all the other servers in the DMZ.
>
> If I deny access for all other servers (source: DMZ subnet, destination:
my
> IP, deny), the FTP server can't access the others, either (ping, ftp
etc.)?
> What am I missing?
>
>
- Next message: Intermedia.NET Support \(DS\): "Re: Lock Up"
- Previous message: x y: "Re: \winnt\system32"
- In reply to: Pat: "IP security policy: blocking access"
- Next in thread: Pat: "Re: IP security policy: blocking access"
- Reply: Pat: "Re: IP security policy: blocking access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
