Re: What to use for a Firewall device?
- From: "ebrind" <ebrind@xxxxxxxxxx>
- Date: Tue, 5 Jul 2005 21:07:58 -0500
Hello,
I do not have port 25 & 80 inbound open because I do not need them open. I
am using OWA, RWW and VPN and am getting stealth results all the way up on my
outside scans. I do not know if this is a false sense of security; however,
with the addition of the BlockAttacker Script I do know anyone who tries to
port scan me gets blocked and I get notified on my cell phone that it has
happened and the External IP from which it came.
I like Watchguard. I recommend the Soho and Firebox when customers do not opt
for the SBS2003 Premium package.
Thanks,
ebrind
"Leythos" <void@xxxxxxxxxxx> wrote in message
news:MPG.1d34fd042ed42f88989985@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> In article <#f9nV6bgFHA.2180@xxxxxxxxxxxxxxxxxxxx>, ebrind@xxxxxxxxxx
> says...
>> Hello,
>>
>> No matter which firewall you use in regards to SBS2003 in order to use RWW
>> and OWA you still have to open and forward ports with any device you use so
>> does it really matter which device is on the outside of the external nic?
>> When you open ports you open yourself up so why not use the firewall that
>> was made to work your server.
>
> I am, I'm using a WatchGuard Firebox series firewall for all our servers
> that have public connections.
>
>> Just today I performed the following scan on
>> my system and here are the results:
>>
>> Results from scan of ports: 0, 21-23, 25, 79, 80, 110, 113,
>> 119, 135, 139, 143, 389, 443, 445,
>> 1002, 1024-1030, 1720, 5000
>>
>> 0 Ports Open
>> 0 Ports Closed
>> 26 Ports Stealth
>> ---------------------
>> 26 Ports Tested
>>
>> ALL PORTS tested were found to be: STEALTH.
>
> If you don't have 25/443 open then you are not allowing inbound SMTP and
> OWA access from remote locations. If you don't have 80 open then you are
> not serving a company website to the public.
>
> If I didn't need exchange, OWA, or a website I would be able to do all
> that you did with a simple router. What about VPNs? 1723....
>
>> TruStealth: PASSED - ALL tested ports were STEALTH,
>> - NO unsolicited packets were received,
>> - NO Ping reply (ICMP Echo) was received.
>
> I thought this group was about running Exchange, web services, OWA for
> the users, VPNs, etc.... If you have no exposed services you don't
> really need the server connected to the internet do you?
>
>> Now I am no security expert and this was done by a third party but I would
>> have to say that this is a pretty good report using ISA2000 with SBS2003.
>>
>> What I would really like to do is set up an SBS2003 server with ISA2000 or
>> ISA2004 and put it to the test. Give some testers the IP and let them go to
>> town on it :)
>
> What I want to see is a server setup, completely documented as to all
> the firewall rules, and then run one of the classic security scans on it
> - you have to have 25/80/443 open, and then accept inbound PPTP/IPSec
> VPNs also.
>
> With the firewall appliance I don't have to worry about the numerous
> exploits in the Windows OS, the patches for ISA, or any other Windows
> problems. I can remove DOS attacks, DDOS attacks, block most of the
> world we don't do business with, ensure that my IPSec / PPTP tunnels
> only work between approved sites, get a mobile user VPN IPSec solution,
> and also strip crap out of HTTP/SMTP sessions that would impact users
> inside the network.
>
> --
> --
> spam999free@xxxxxxxxxx
> remove 999 in order to email me