Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

RE: I'm not secure! Help me please!

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 Firewall] >> General >> RE: I'm not secure! Help me please! Page: <<   < prev  1 2 [3]
Login
Message << Older Topic   Newer Topic >>
RE: I'm not secure! Help me please! - 11.Feb.2002 10:05:00 AM   
Mike_Gregory

 

Posts: 24
Joined: 30.Jan.2002
Status: offline 		There is nothing in either of the logs related to ISA server.

And I have reformatted my system completely. So that takes out the chance of any back door, or virus. It is a problem with ISA server I think. Or my system, but I can't find either. And am getting very angry here.

(in reply to Guest)
Post #: 41
RE: I'm not secure! Help me please! - 11.Feb.2002 10:23:00 AM   
marcus2v

 

Posts: 78
Joined: 28.Oct.2001
From: Reading, UK
Status: offline 		Mike,

Just out of curiosity how are you port scanning your ISA server? Software/method etc.

Marcus

(in reply to Guest)
Post #: 42
RE: I'm not secure! Help me please! - 11.Feb.2002 4:52:00 PM   
batigoooal

 

Posts: 2
Joined: 11.Feb.2002
Status: offline 		Hello Mike,

First sorry but I could not help you for a simple reason : I have the same problem that you.

I have a Win2k server(dc) with 2 Nic :

* 1 on 10.0.0.10 (for my ADSL modem)
* 1 on 192.168.0.1 (for my Lan)

After Enable packet filtering, I have tried a port scanner on my Ip and I fuond more than 10 ports open. I have tried to block all ports with Enable Packet filtering, but It's always the same results. I'm very confused but I did not found any solution!

If anyone have time to see my problem, contact me by mail at batigoooal@hotmail.com, Maybe somebody could help me [Frown]

(in reply to Guest)
Post #: 43
RE: I'm not secure! Help me please! - 11.Feb.2002 8:05:00 PM   
jmunyan

 

Posts: 800
Joined: 3.Feb.2001
From: Seattle, WA
Status: offline 		So there is nothing is the ISA setup log about ISA? Did all the components register properly. What failures are listed? Even though the install completed and reported success there are other errors which are often surpressed. Looks like you either have some digging to do, or you should get some cigars, rum and a chicken and start making some sacrifices. By the way this is all licensed known good software right, not some warez download or something that is suspect?

John

(in reply to Guest)
Post #: 44
RE: I'm not secure! Help me please! - 12.Feb.2002 11:45:00 AM   
batigoooal

 

Posts: 2
Joined: 11.Feb.2002
Status: offline 		For your information I have no erro message in my log, no error messag during installation, and I have a licensed version Of ISA.

I have call Microsoft for help but for any help I must paid!

I wish that i could find some free help on the net
but time have changed and free help is very difficult to find, I am in the same case of other people I spend a lot of time to try secure my Isa firewall with no result, I know that probably I do an error but It is not a solution to stop search, maybe I finally found the solution to my problem!

Thanks to all people who tried to help other, Keep help free!

(in reply to Guest)
Post #: 45
RE: I'm not secure! Help me please! - 13.Feb.2002 9:47:00 AM   
tshinder

 

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline 		One problem I can see as a possibility here is that the LAT may contain internal and external IP addresses, since you're using private addresses for internal and external networks.

IMHO, DSL should be banned [Smile]

However, I stick to my guns that this is a host based problem, since I don't see any evidence that ISA Server is doing anything wrong.

However, I had to continue this thread, as I believe it sets a new record.

[Eek!]

HTH,
Tom

(in reply to Guest)
Post #: 46
RE: I'm not secure! Help me please! - 14.Feb.2002 11:53:00 AM   
SHealey

 

Posts: 60
Joined: 22.Jan.2002
From: denver
Status: offline 		tom, im sure you have much more experience in dealing with dsl setups and have had to deal with greater frustration with dsl accounts. but, at work i utilize isa on a dedicated t1 and at home i use dsl with no problems. granted i have an external router and two nics in my isa box at home. the dsl nic solution has much to be desired and i too encourage people to stay away, for other reasons. my friend has a dsl nic and we have isa working just fine. in fact i would go as so far to say that i havent noticed a difference between the instalations in any of the three scenarios i have installed isa. my problem with nic based dsl connections are the drivers. intel dsl nic drivers are just the suq.

(in reply to Guest)
Post #: 47
RE: I'm not secure! Help me please! - 14.Feb.2002 2:52:00 PM   
tshinder

 

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi S,

You are right. There just seems to be so *many* people with problems that have DSL, that I might be blaming DSL unfairly. In fact, I rarely deal with DSL, because all the people I've worked with in the last six months either ISDN or dedicated circuits. I think I'll punt on xDSL questions in the future, since I never know what is actually going on.

Thanks!

Tom

(in reply to Guest)
Post #: 48
RE: I'm not secure! Help me please! - 14.Feb.2002 10:03:00 PM   
Mike_Gregory

 

Posts: 24
Joined: 30.Jan.2002
Status: offline 		I have looked through every single log that I can find and do not see any problems, except ones I see on every ISA server, working or not. And my ISA is a registered, purchased version from MS. That of which I might be selling on the black market. Muahahahaha... Actually, I might sell it to a company for $500... That sounds reasonable doesn't it? This of course all depends if it works how I want it to when I get my router, if it doesn't, I'm selling it.

Opps I said router, or this is what I have decided. I have gone out and bought a router. A Cisco 678 ADSL Router. The router will be at my house in a week or so.

Here's what I'd like to do. Let me now what you think...

I will have my DSL connected to my router, that e0 port (ethernet) that comes out of the router will go into a NIC on my ISA Server, this will work by using NAT I belive. Then I will have another NIC in my ISA that goes out to a switch, other workstations and servers will get thier internet connection from the switch, through the ISA Server, to the router. I belive this will work. Correct me if I am wrong.

If you'd like some specifications and features info on the Cisco 678 ADSL router let me know.

This looks like a really nice, top of the line router for ADSL users. I will be using the new DMT encoding, I was using CAP before. Everything should work fine I think. Obviously when I get the router I will have to console into it and configure it. I am just hoping I can use NAT, and still let me server do DHCP and not the router want/have to do DHCP.

So hopefully this will fix my ISA Server security problem. I am just going to install ISA in cache mode. This was I still have my cache, and I can host my website. I'm not exactly sure why my current configuration does not work, but I have been messing with it for weeks, and getting no where. So forget it.

[ February 14, 2002, 10:07 PM: Message edited by: Mike_Gregory ]

(in reply to Guest)
Post #: 49
RE: I'm not secure! Help me please! - 19.Feb.2002 10:41:00 PM   
Mike_Gregory

 

Posts: 24
Joined: 30.Jan.2002
Status: offline 		Does anyone have any comentary on this? Good idea? Bad Idea? Will work? Will not work? Anything?

(in reply to Guest)
Post #: 50
RE: I'm not secure! Help me please! - 19.Feb.2002 11:01:00 PM   
jmunyan

 

Posts: 800
Joined: 3.Feb.2001
From: Seattle, WA
Status: offline 		Don't know why it wouldn't work. NAT is NAT and you can nat to nat to nat to nat if done properly. I don't know about your router/fw think, if it is stateful and everything else great. If not and it is just a nat device like a linkysys dsl router then no. See linksys to compare your product.

I would use the router/nat device to front isa in intergrated mode. Just me, its what I do and haven't had any problems.

Best of luck,

John

(in reply to Guest)
Post #: 51
RE: I'm not secure! Help me please! - 20.Feb.2002 12:10:00 AM   
marcus2v

 

Posts: 78
Joined: 28.Oct.2001
From: Reading, UK
Status: offline 		Mike,

I'm still curious as to what method of port scanning you are using to test whether the ports are open or closed on your ISA server?

Personally i think its a good idea putting the router in ... but would agree with john to still install ISA in integrated mode.

Marcus

(in reply to Guest)
Post #: 52
RE: I'm not secure! Help me please! - 20.Feb.2002 12:40:00 AM   
tshinder

 

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Mike,

You can do whatever changes you want to your infrastructure, but you are going to have to take the time and research the host based security issues you have, or else you'll get owned again and again and again.

HTH,
Tom

(in reply to Guest)
Post #: 53
RE: I'm not secure! Help me please! - 22.Feb.2002 6:46:00 AM   
Mike_Gregory

 

Posts: 24
Joined: 30.Jan.2002
Status: offline 		I used many different methonds, one I like, using GRC.com's shields up. I have also scanned my system from external sources using port scanners such as Languard network scanner, and a few others.

Anyway... I got my router! And I have it setup and everything, (except for my site) is working PERFECTLY... ALthough I am not using ISA server at the moment.

I got NAT going and DHCP, while using a static IP for my DSL connection. So far everything is working perfectly. I am only having one problem, perhaps someone can help.

If you go to my website, or anyone, it brings up a username and pass request to access my site, I am pretty sure it is the router, and I can't find where to turn this off. I did a show web in my router and web is enabled, on port 80, and accepts a connection from any host. But I am not exactly sure if this is the "web" I want. For some reason I got a strange preminition it is some sort of web-based managment for my router, however I am not sure. I have been unable to contact tech support since I don't get home in time, but I will be calling from work tomorrow I think. But if anyone knows exactly what the problem is let me know.

As for ISA server. How do you suggest I setup my infrastructure. The main reason I got this router, was so that everyone on my network, could have internet access at all times, therefor not needing a server to share the connection, and when the server is down, no one can access. Getting the router has fixed that issue. Yet I still want to use ISA server. Yet I do not know how I wanna set it up.

I will explain my current network infrastructure tomorrow (im tired right now), I may just explain it in words, or if anyone uses MS Visio I may make a diagram for ya'll.

Anyway basically I wanna know if I should have my router connect directly to my ISA server, and have my ISA server share the internet connection, this is how I really want to do it, but I must be sure this server will be reliable, because I do not want to hear any more complains from members of this house (lol... every time the server's down "DAMN IT! I cant get my e-maili!... sad). If possible, I'd like my router to connect to my switch, (as it is now) and also have my ISA sharing. But I don't know if this is possible having 2 sources hosting one internet connection. Reason for this if my ISA server goes down, or needs restarted, users can just go through the switch, to the router, instead of the proxy. But this all seems kinda complex... Anyway I am tired and don't wanna talk anymore. Please opinionate on what you all think.

Thanks, Mike

(in reply to Guest)
Post #: 54
RE: I'm not secure! Help me please! - 25.Feb.2002 5:50:00 AM   
got2btru

 

Posts: 38
Joined: 19.Sep.2001
From: Frisco, TX
Status: offline 		tshinder - thought I would warm you up to the fact that I have DSL & have yet to have ANY problems. GRC says that I am completely in STEALTH mode except for pop3 & SMTP. Eventually I will host my own web sites (thebrunos.com & petrameansrock.com), but I have to settle down & purchase a house again before I go that route!

Chris...

(in reply to Guest)
Post #: 55
RE: I'm not secure! Help me please! - 25.Feb.2002 7:15:00 AM   
Mike_Gregory

 

Posts: 24
Joined: 30.Jan.2002
Status: offline 		Ok I drew out my network on a piece of paper. Check this out... (I did it at school, was bored, lol)



Current is my current setup, P1 is proposal 1, and P2 is proposal 2... I am still unsure with what I want to do. But right now with my current setup, things are working well. My website is working, all PCs on the network have an internet connection, my router is NATing, everything is secure, for the most part, that is ports all show in stealth except 80 (for my website of course). So everything is working great WITHOUT ISA. However I would like to use ISA for caching of websites for my network (because ever since i stoped using ISA, I have noticed slower load times) and the firewall to enhance my security. Although in this case I am considering connecting my router directly to my ISA, and using 2 NICS. Although for some reason I can not get ISA to reconize my real world IP number. Therefor I cannot host FTP since it wants a outside IP. How can I get this to work?

Let me know what you think I should do.

Thanks again,

Michael Gregory
www.megabytemike.com

(in reply to Guest)
Post #: 56
RE: I'm not secure! Help me please! - 25.Feb.2002 7:19:00 AM   
Mike_Gregory

 

Posts: 24
Joined: 30.Jan.2002
Status: offline 		Oh... let me explain P2...

I am thinking of adding a hub into this. The reason is so that all users (except the server) have a backup route to the internet in case the ISA server is down, or restarting. (by disabling ISA server, I can get to the net without ISA). Will this setup work? Either way, as compared to P1, the ISA server would think it is connected directly to the router, so I will still use 2 nics in the ISA so that it can do its thing... I am still a bit confused (yes, I confused my self) as to what I am going to do. What do you think?

I am open to all suggestions. I would LIKE to do P2. Since that looks best to me. And hubs are really cheap. [Smile] So I think if you think this will work out well, then I will do it.

Thanks again,

Mike

(in reply to Guest)
Post #: 57
RE: I'm not secure! Help me please! - 25.Feb.2002 7:20:00 AM   
tshinder

 

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Mike,

P1 is definitely the way to go, and is the most standard. The segment between the LAN interface of the router and the external interface of the ISA Server is your DMZ. Assign IP addresses from your public block to servers in your DMZ. Just connect those DMZ hosts, the external interface of the ISA Server and the LAN interface of the router to the same switch.

That way, you have a public IP address on the ISA Server and your DMZ hosts. Just like normal. [Big Grin]

HTH,
Tom

(in reply to Guest)
Post #: 58
RE: I'm not secure! Help me please! - 25.Feb.2002 8:24:00 AM   
Mike_Gregory

 

Posts: 24
Joined: 30.Jan.2002
Status: offline 		Would this require more than one IP? Because I do not have a static IP, nor do I have more than one real word IP address.

I really like P2. What do you think about that one? Basically, would that do pretty much the same thing, except to provide an alternate route if the ISA server is offline?

Thank you for your response, I look forward to your next one.

Thank you,

Mike

(in reply to Guest)
Post #: 59

Page:   <<   < prev  1 2 [3] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 Firewall] >> General >> RE: I'm not secure! Help me please! Page: <<   < prev  1 2 [3]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts