Re: firewall between game servers and clients



On Sep 14, 2:39 pm, "Phillip Windell" <philwind...@xxxxxxxxxxx> wrote:
> "fairchild" <echovo...@xxxxxxxxx> wrote in message
> news:1189804330.051206.79210@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>
> > What i want to do is have a firewall between the gamers and the game
> > servers... i want to do this to restrict traffic based on protocols,
> > ports etc and prevent attacks on the game servers.... (all traffic is
> > on the local network, but i guess i could set the game servers to be
> > external....) my question is: is isa overkill?
>
> The Gaming software is not written to work over Proxy Based Firewall and is
> still a problem over NAT based Firewalls. It doesn't matter what game it is
> or who wrote it,...it is the same story.
>
> The Traffic Profile generated by the Gaming software is not designed to work
> over a firewall. Again, it doesn't matter what game it is or who wrote
> it,...it is the same story. Even if they claim it is capable,...look at what
> all they are actually telling you to do,...it will prove my point.
>
> They all use a massive amount of Ports, and worse yet they are usually
> *random* numbers within a range so there is no good way to monitor the
> Traffic Profile's needs. And again, it doesn't matter what game it is or
> who wrote it,...it is the same story.
>
> > create a bottleneck in the network, can i have 4 or 6 or 8 nics in the
> > system each pair running traffic in and out
>
> No you cannot. Multiple Nics do *not* load balance and work that way
> without a special setup called Nic Teaming. I don't think you realize how
> difficult it would be to truly overload a Gigabit nic or even a 100mbps Nic
> for that matter. These Games all are optimized to run over slow Internet
> speeds. Overloading the LAN Nics just ain't gonna happen. If it ever
> did,...use Nic Teaming.
>
> > or is it the processor/mem that creates that bottleneck in the machine...
>
> There is a reasonable chance of that happening. This is probably the most
> likely "real" threat you face.
>
> > i want to filter traffic and detect attacks or malicious activity
>
> What attacks? It's on a local LAN. The chance is greater that someone will
> snag a foot in a cable and rip something apart than you ever getting
> "hacked". Besides that the primary means of security rests on the server
> that is being attacked,..not sticking a firewall in the middle of things.
>
> You would have to expose the server to run the games,...they would attack
> what you expose,...meaning they would attack by looking for flaws in the
> Gaming software. If there are flaws in the software then "everyone" will
> know about it as soon as it is discovered. There is nothing that a Firewall
> can do to prevent that.
>
> However if it just runs over a LAN, no one is going to have access to it
> except people you let into your LAN anyway.
>
> --
> Phillip Windell
> www.wandtv.com
>
> The views expressed, are my own and not those of my employer, or Microsoft,
> or anyone else associated with me, including my cats.
> -----------------------------------------------------
> Understanding the ISA 2004 Access Rule Processing
> http://www.isaserver.org/articles/ISA2004_AccessRules.html
>
> Troubleshooting Client Authentication on Access Rules in ISA Server 2004
> http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-...
>
> Microsoft Internet Security & Acceleration Server: Partners
> http://www.microsoft.com/isaserver/partners/default.asp
>
> Microsoft ISA Server Partners: Partner Hardware Solutions
> http://www.microsoft.com/forefront/edgesecurity/partners/hardwarepart...
> -----------------------------------------------------

ok thanks for the excellent info... i guess what i am looking for is
ways to block 2 things, useless traffic and malicious traffic... we
have had issues before with users running ping attacks, arp spoofing
poison attacks and so on.... so what i need is some sort of monitoring
firewall that can monitor traffic and check for malicious activity...
all on the lan

so can i have the isa firewall between the game servers or can it run
in parallel and just monitor traffic and alert admins when something
is going on... i would much rather prevent it but monitoring only
would be nice as well, i just don't want a bottleneck
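
The monitor-only option asked about in this post, shown as an added example (not code from either poster, and not an ISA Server feature): a passive detector that flags a second MAC address answering ARP for an IP already seen, and a host exceeding an ICMP echo rate. It assumes a sensor on a switch mirror port supplies events in the hypothetical `(time_ms, kind, mac, ip)` form used here; the sample events and thresholds are constructed.

```python
from collections import defaultdict, deque

SERVER, CLIENT_A, CLIENT_B = "00:00:5e:00:53:01", "00:00:5e:00:53:0a", "00:00:5e:00:53:0b"

# Constructed sample events (time in ms, kind, source MAC, source IP), standing in
# for what a passive sensor on a mirror port would record. Not real capture data.
EVENTS = [
    (0, "arp_reply", SERVER, "10.0.0.10"),       # game server announces its address
    (500, "arp_reply", CLIENT_A, "10.0.0.21"),
    (2000, "icmp_echo", CLIENT_A, "10.0.0.21"),  # ordinary latency checks
    (3000, "icmp_echo", CLIENT_A, "10.0.0.21"),
    (5000, "arp_reply", CLIENT_B, "10.0.0.10"),  # second MAC claims the server's IP
] + [(6000 + 50 * i, "icmp_echo", CLIENT_B, "10.0.0.22") for i in range(8)]


def detect(events, icmp_limit=5, window_ms=1000):
    """Return (time, alert, mac, detail) tuples for ARP conflicts and ping floods."""
    bindings = {}                 # IP -> first MAC seen answering for it
    recent = defaultdict(deque)   # MAC -> times of its echo requests inside the window
    flooding = set()              # MACs already reported, to alert once per burst
    alerts = []
    for ts, kind, mac, ip in events:
        if kind == "arp_reply":
            known = bindings.setdefault(ip, mac)
            if known != mac:      # also fires on a legitimate NIC swap: alert, don't block
                alerts.append((ts, "arp_conflict", mac, f"{ip} was {known}"))
        elif kind == "icmp_echo":
            times = recent[mac]
            times.append(ts)
            while ts - times[0] > window_ms:
                times.popleft()
            if len(times) > icmp_limit:
                if mac not in flooding:
                    flooding.add(mac)
                    alerts.append((ts, "icmp_flood", mac, f"{len(times)} in {window_ms} ms"))
            else:
                flooding.discard(mac)
    return alerts


if __name__ == "__main__":
    for alert in detect(EVENTS):
        print(alert)
```

Because the sensor only reads mirrored traffic, it sits beside the path between gamers and game servers rather than in it, so it adds no forwarding bottleneck.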
