How to block HTTP (Port 80)

This is a multi-part message in MIME format.

------=_NextPart_000_0049_01C57891.E3A416E0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

I know how firewalls work but I know very little about ISA 2000. I have =
a customer who has a SBS 2000 server. Apparently, whomever installed it =
allowed external access to port 80. I suspect that the customer was =
being victimized by a hacker via that port and a Windows security =
vulnerability. I installed the necessary patch and now I want to block =
port 80. In ISA Management, I saw something under Access Policy\IP =
Packet Filters titled "BackOffice HttpServerPredefinedType". I changed =
it from Enabled to Disabled but port 80 was still accessible externally.

I would appreciate any assistance in totally blocking external access to =
port 80. Thanks in advance.

--=20

D. Lewis
"Just trying to keep life simple."

------=_NextPart_000_0049_01C57891.E3A416E0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2900.2668" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>
<DIV><FONT face=3DArial size=3D2>I know how firewalls work but I know =
very little=20
about ISA 2000. I have a customer who has a SBS <STRONG>2000</STRONG> =
server.=20
Apparently, whomever installed it allowed external access to port 80. I =
suspect=20
that the customer was being victimized by a hacker via that port and a =
Windows=20
security vulnerability. I installed the necessary patch and now I want =
to block=20
port 80. In ISA Management, I saw something under Access Policy\IP =
Packet=20
Filters titled "BackOffice HttpServerPredefinedType". I changed it from=20
<EM>Enabled </EM>to <EM>Disabled </EM>but port 80 was still accessible=20
externally.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>I would appreciate any assistance in =
totally=20
blocking external access to port 80. Thanks in=20
advance.</FONT></DIV></FONT></DIV><FONT face=3DArial size=3D2>
<DIV><BR>-- <BR><BR>D. Lewis<BR>"Just trying to keep life simple."</DIV>
<DIV> </DIV>
<DIV></FONT> </DIV></BODY></HTML>

------=_NextPart_000_0049_01C57891.E3A416E0--

Javier
Fri Jun 24 07:05:36 CDT 2005

This is a multi-part message in MIME format.

------=_NextPart_000_000E_01C57893.80BE54D0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

You have to disable the listener in addition to closing the port.
http://www.smallbizserver.net/Default.aspx?tabid=3D74

-Javier
"DonL" <dlewis968@hotmail.com> wrote in message =
news:uCtsrNLeFHA.3932@TK2MSFTNGP12.phx.gbl...
I know how firewalls work but I know very little about ISA 2000. I =
have a customer who has a SBS 2000 server. Apparently, whomever =
installed it allowed external access to port 80. I suspect that the =
customer was being victimized by a hacker via that port and a Windows =
security vulnerability. I installed the necessary patch and now I want =
to block port 80. In ISA Management, I saw something under Access =
Policy\IP Packet Filters titled "BackOffice HttpServerPredefinedType". I =
changed it from Enabled to Disabled but port 80 was still accessible =
externally.

I would appreciate any assistance in totally blocking external access =
to port 80. Thanks in advance.

--=20

D. Lewis
"Just trying to keep life simple."

------=_NextPart_000_000E_01C57893.80BE54D0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2900.2627" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>You have to disable the listener in =
addition to=20
closing the port.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2><A=20
href=3D"http://www.smallbizserver.net/Default.aspx?tabid=3D74">http://www=
.smallbizserver.net/Default.aspx?tabid=3D74</A></FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>-Javier</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"DonL" <<A=20
href=3D"mailto:dlewis968@hotmail.com">dlewis968@hotmail.com</A>> =
wrote in=20
message <A=20
=
href=3D"news:uCtsrNLeFHA.3932@TK2MSFTNGP12.phx.gbl">news:uCtsrNLeFHA.3932=
@TK2MSFTNGP12.phx.gbl</A>...</DIV>
<DIV><FONT face=3DArial size=3D2>
<DIV><FONT face=3DArial size=3D2>I know how firewalls work but I know =
very little=20
about ISA 2000. I have a customer who has a SBS <STRONG>2000</STRONG> =
server.=20
Apparently, whomever installed it allowed external access to port 80. =
I=20
suspect that the customer was being victimized by a hacker via that =
port and a=20
Windows security vulnerability. I installed the necessary patch and =
now I want=20
to block port 80. In ISA Management, I saw something under Access =
Policy\IP=20
Packet Filters titled "BackOffice HttpServerPredefinedType". I changed =
it from=20
<EM>Enabled </EM>to <EM>Disabled </EM>but port 80 was still accessible =

externally.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>I would appreciate any assistance in =
totally=20
blocking external access to port 80. Thanks in=20
advance.</FONT></DIV></FONT></DIV><FONT face=3DArial size=3D2>
<DIV><BR>-- <BR><BR>D. Lewis<BR>"Just trying to keep life =
simple."</DIV>
<DIV> </DIV>
<DIV></FONT> </DIV></BLOCKQUOTE></BODY></HTML>

------=_NextPart_000_000E_01C57893.80BE54D0--

DonL
Fri Jun 24 07:41:20 CDT 2005

This is a multi-part message in MIME format.

------=_NextPart_000_007E_01C57898.7EDF9070
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Thanks... that did the trick.

--=20

D. Lewis
"Just trying to keep life simple."

"Javier Gomez [SBS MVP]" <javier_gomez@remove.this.engineer.com> wrote =
in message news:%23noHJULeFHA.1040@TK2MSFTNGP10.phx.gbl...
You have to disable the listener in addition to closing the port.
http://www.smallbizserver.net/Default.aspx?tabid=3D74

-Javier
"DonL" <dlewis968@hotmail.com> wrote in message =
news:uCtsrNLeFHA.3932@TK2MSFTNGP12.phx.gbl...
I know how firewalls work but I know very little about ISA 2000. I =
have a customer who has a SBS 2000 server. Apparently, whomever =
installed it allowed external access to port 80. I suspect that the =
customer was being victimized by a hacker via that port and a Windows =
security vulnerability. I installed the necessary patch and now I want =
to block port 80. In ISA Management, I saw something under Access =
Policy\IP Packet Filters titled "BackOffice HttpServerPredefinedType". I =
changed it from Enabled to Disabled but port 80 was still accessible =
externally.

I would appreciate any assistance in totally blocking external =
access to port 80. Thanks in advance.

--=20

D. Lewis
"Just trying to keep life simple."

------=_NextPart_000_007E_01C57898.7EDF9070
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2900.2668" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>Thanks... that did the =
trick.</FONT></DIV>
<DIV><BR>-- <BR><BR>D. Lewis<BR>"Just trying to keep life simple."</DIV>
<DIV> </DIV>
<DIV> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Javier Gomez [SBS MVP]" <<A=20
=
href=3D"mailto:javier_gomez@remove.this.engineer.com">javier_gomez@remove=
.this.engineer.com</A>>=20
wrote in message <A=20
=
href=3D"news:%23noHJULeFHA.1040@TK2MSFTNGP10.phx.gbl">news:%23noHJULeFHA.=
1040@TK2MSFTNGP10.phx.gbl</A>...</DIV>
<DIV><FONT face=3DArial size=3D2>You have to disable the listener in =
addition to=20
closing the port.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2><A=20
=
href=3D"http://www.smallbizserver.net/Default.aspx?tabid=3D74">http://www=
.smallbizserver.net/Default.aspx?tabid=3D74</A></FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>-Javier</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"DonL" <<A=20
href=3D"mailto:dlewis968@hotmail.com">dlewis968@hotmail.com</A>> =
wrote in=20
message <A=20
=
href=3D"news:uCtsrNLeFHA.3932@TK2MSFTNGP12.phx.gbl">news:uCtsrNLeFHA.3932=
@TK2MSFTNGP12.phx.gbl</A>...</DIV>
<DIV><FONT face=3DArial size=3D2>
<DIV><FONT face=3DArial size=3D2>I know how firewalls work but I =
know very=20
little about ISA 2000. I have a customer who has a SBS =
<STRONG>2000</STRONG>=20
server. Apparently, whomever installed it allowed external access to =
port=20
80. I suspect that the customer was being victimized by a hacker via =
that=20
port and a Windows security vulnerability. I installed the necessary =
patch=20
and now I want to block port 80. In ISA Management, I saw something =
under=20
Access Policy\IP Packet Filters titled "BackOffice=20
HttpServerPredefinedType". I changed it from <EM>Enabled </EM>to=20
<EM>Disabled </EM>but port 80 was still accessible =
externally.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>I would appreciate any assistance =
in totally=20
blocking external access to port 80. Thanks in=20
advance.</FONT></DIV></FONT></DIV><FONT face=3DArial size=3D2>
<DIV><BR>-- <BR><BR>D. Lewis<BR>"Just trying to keep life =
simple."</DIV>
<DIV> </DIV>
<DIV></FONT> </DIV></BLOCKQUOTE></BLOCKQUOTE></BODY></HTML>

------=_NextPart_000_007E_01C57898.7EDF9070--

How to block HTTP (Port 80)

Re: How to block HTTP (Port 80) by Javier

Re: How to block HTTP (Port 80) by DonL