Re: HELP with inbound Ports 25, 80
From: Phillip Windell (_at_.)
Date: 10/11/04
- Next message: Phillip Windell: "Re: blocking inbound traffic, please help"
- Previous message: Phillip Windell: "Re: It is not the case"
- In reply to: Adam: "HELP with inbound Ports 25, 80"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 11 Oct 2004 11:09:11 -0500
"Adam" <anonymous@discussions.microsoft.com> wrote in message
news:255301c4af2f$99f28cb0$a301280a@phx.gbl...
> I'm running Small Business Server 2003 Premium which comes
> with ISA 2000. To make a long story short, ISA configures
> ports 25 and 80 to be OPEN
Actually it is not doing that. There is a difference between a port that
"exists" and a port that can actually be used. I think the hardware NAT
Firewall world has over simplified people's understanding to this stuff.
IIS and SMTP are listening on the external interface, but ISA has its finger
stuck in their ears so they don't hear anything.
Those ports will exist on each interface because the services bind to all
interfaces by default, but they will only function on the internal interface
unless a Packet Filter is created to allow them to function on the external
side. So,...in the end you simply use the ISA's Packet Filters to allow
access to what you want available the the outside, but for the rest,...no
Packet Filter = no access.
-- Phillip Windell [MCP, MVP, CCNA] www.wandtv.com
- Next message: Phillip Windell: "Re: blocking inbound traffic, please help"
- Previous message: Phillip Windell: "Re: It is not the case"
- In reply to: Adam: "HELP with inbound Ports 25, 80"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
