wellz my firewall cont dc than connect than dc cant properly communicate with isa so result is msn n yahoo cant connect properly its connect than dc n than connect than dc coz of firewall coz its cant communicate with isa green arrow turn into red than again green than red so what tha solution m waiting for any suggestion thankz
hi haroon, i guess u'r trying to say that the firewall client shows a red exclamation mark when u refresh it... check the firewall logs and see whats making that firewall service busy it's probably blaster,mydoom or probably another worm that's making some million connections to u'r server and then jamming the service.
for msn messenger make a protocol rule that allows outbound tcp 1863 and for yahoo make an outbound tcp 5050 that will do.
install and configure a personal firewall iff u know how to configure it coz if u dont u'll probably end up blocking all the ports, hence making a denial of service to all clients.
download the blaster and sobig protocol definitions and block the ports that these worms use mydoom and doomjuice are new and are causing problems these days, so better check out these worms, their ports and the varients.
wellz thankz friend but i already make tha both protocol of msn n yahoo acutally m using 2 server on with firewall n other with proxy n u rite tha red mark appear on my firewall which i wanna resolve as u say my doom is that coz of my doom virus wellz i'll try that but if u have other suggesttion infact u say personal firewall which i wont understand can u descirbe it Thankz
From: Dessesrt and Oil
Blaster is the culprit which most of the time does that for you . Because it keeps the internal interface of the Firewall Server bz...
you need to do somework to stop it. First of you need to see your logs files, locate down comptuers which are making traffice headed for port 135(field 12) or see in the application fields(field 3) if there are entries like this mslaugh.exe msblast.exe teekids.exe enbiei.exe
if any of them are there, then this means that your comptuers are infected with Blaster Worm and those comptuers are generating a lot of traffic. Note down those INternanl Computer IP's. Remove there network cable if possible and patch up using predownload Blaster patch from MS website.
Secondly you can do another thing to avoid future disruption...
Open ISA mmc. Go directly to Client Configuration >> Firewall client settings.
Then double click on Firewall client settings. Go to application settings. press NEW. type mslaugh.exe inthe application in the key Select Disable. in the Value Select 1.
do the same thign with mslaugh as well.
Then do the same proecude with teekids.exe, teekids, enbiei.exe, enbiei, msblast.exe and msblast.