Re: Blocking all traffic

From: "Mariette Knap [SBS MVP]" <mariette@xxxxxxxxxxxxxxxxxxxx>
Date: Fri, 10 Mar 2006 22:08:55 +0100

In news:O1Cu9fFRGHA.1688@xxxxxxxxxxxxxxxxxxxx,
Phillip Windell <@.> wrote:

All inbound is already blocked. Inbound is just not even possible
unless you create Publishing Rules and that isn't going to happen by
accident.

I don't know if the IP Ranges on the Internet are that specific, but
if they are you would just create the right type of Network object
in the Toolbox (probably a series of Address Ranges Objects). Then
create a Deny Rule that uses those Objects as the Destination. If it
is a Publishing Rule then these would go in the Exceptions List of
the "From:" part of the rule.

I do not know of any list of IP Ranges associated with particular
countries. There may not even be such a thing. It may not even be
possible,...such an "association" may not even exist. Maybe someone
else will have ideas on that.

Phillip,

Thanks for your answer and also all others. Yes, when nothing is configured
all inbound is blocked. I understand that. Fact is that my server does not
make much sense if I keep it that way :-)

I have several services running and published. What I have done is that I
create a Deny Rule that sits above all other rules:

- Name Block All
- Action Deny
- All Outbound traffic
- From 'Block list'
- To 'All Networks and local host'

This blocks all traffic from and to all IP addresses and networks listed in
the 'Block List'. I tested this and that works just fine. I want to import a
range of IP networks into that list to block a certain country, I just hate
Monaco :-)

Oh well, I will look into the suggestions others made and try to fix
something in VB that imports those lists. I am only wondering how this will
effect performance in ISA...

--
Mariëtte Knap
Microsoft SBS-MVP
One of the Magical M&M's
www.smallbizserver.net
Take part in SBS forum:
http://www.smallbizserver.net/Default.aspx?tabid=53

.

Follow-Ups:
- Re: Blocking all traffic
  - From: SpyroGyrata
- Re: Blocking all traffic
  - From: ahl

References:
- Blocking all traffic
  - From: Mariette Knap [SBS MVP]

Prev by Date: Re: Firewall services crash after applying latest patches+attempting to install ISA 2004 SP2
Next by Date: Re: Firewall services crash after applying latest patches+attempting to install ISA 2004 SP2
Previous by thread: Re: Blocking all traffic
Next by thread: Re: Blocking all traffic
Index(es):
- Date
- Thread

Relevant Pages

Re: Blocking all traffic
... unless you create Publishing Rules and that isn't going to happen by ... in the Toolbox (probably a series of Address Ranges Objects). ... This blocks all traffic from and to all IP addresses and networks listed ... something in VB that imports those lists. ...
(microsoft.public.isa)
Re: foreach enhancement
... that adds lists adds all lists, I don't think its particularly clean to ... With a comprehension exactly what is going to happen is spelled ... > person defines the problem as simple x..y ranges, ... another thinks overlap may be useful ...
(microsoft.public.dotnet.languages.csharp)
Re: foreach enhancement
... >> I also don't think there is any value in using foreach here. ... >> One of the current rules in my lists spec is that IEnumerable objects are ... >> an IEnumerable value, which allows ranges to be used as ... >> strings, I wouldn't have a problem introducing override syntax. ...
(microsoft.public.dotnet.languages.csharp)
Re: foreach enhancement
... >> syntax sufficently that its valid outside of foreach and isin clauses. ... >> The syntax I am considering for basic dynamic ranges will be something ... > declaring Lists easier? ...
(microsoft.public.dotnet.languages.csharp)
RE: Requery data on subform
... My problem was that requerying my combo was leaving the value stored in it - ... To put it more plainly the main form is suppliers, the combo box lists the ... ranges that the supplier has - so change the supplier and the list of ranges ...
(microsoft.public.access.formscoding)