Isa Server

Pages: 6 (1345 words) Published: April 7, 2012
Internet Security and Acceleration Server 2000
with Service Pack 1 Audit
An Analysis by Foundstone, Inc.

This paper presents an overview of a security assessment
conducted by Foundstone, Inc. of Microsoft® Internet Security
and Acceleration (ISA) Server 2000 after the addition of
Service Pack 1 (SP1). This is the second security assessment of
ISA Server 2000 performed by the experts at Foundstone.
The initial audit was completed in February 2001, prior to the
public release of the first version of ISA Server 2000.
Foundstone conducted the current audit in the months
preceding the public release of SP1 on February 15, 2002.
Foundstone’s comprehensive product testing methodologies
employed an array of security penetration techniques,
commercial-grade stress testing and monitoring, and
Foundstone’s custom toolkit based on its FoundScan
technology.

Foundstone’s analysis showed that SP1 improves the already
solid security of ISA Server 2000. Foundstone is confident that
ISA Server 2000, properly configured, is an effective firewall in
enterprise environments.
Microsoft continues to subject ISA Server 2000 to regular
audits by Foundstone, demonstrating the company’s ongoing
commitment to improving product security.

Table of Contents
Introduction
Description of Testing
Testbed Instrumentation
Summary of Findings and Recommendations
Conclusion
Resources for Further Reading

Introduction
Foundstone, Inc. has conducted independent security evaluations
for ISA Server 2000 since the product’s initial release in late 2000.
Foundstone’s most recent audit, performed in late 2001, evaluated
the ISA Server 2000 Service Pack 1 (SP1) update to the original
product.

Spanning more than 250 man-hours, the SP1 review involved
a dedicated security team from Foundstone, including
Joel Scambray, the author of Hacking Exposed Windows 2000.
During the audit, Foundstone had full access to the ISA Server
2000 product and development teams. The Foundstone and ISA
Server 2000 teams met weekly to discuss the assessment’s
progress.

The audit employed Foundstone’s product testing methodologies,
which include the most up-to-date security tools and penetration
techniques. Foundstone designed its ISA Server 2000 testing to
circumvent selected network access control features and gauge
SP1’s resistance to a denial-of-service (DoS) attack that would
render a typical deployment inoperable.

This whitepaper focuses on Foundstone’s assessment of the
enhanced security offered by SP1. It is based on test results
and the ongoing communication between Foundstone and the
ISA Server 2000 development team.

Description of Testing
Foundstone’s testing concentrated on the following features of
ISA Server 2000 with SP1:

Firewall
  • Packet Filtering
  • Application Filters
    - SMTP
    - HTTP Redirector
    - POP Intrusion Detection
    - DNS Intrusion Detection
Web Publishing
Intrusion Detection
  • IP Spoofing
  • Port Scanning
Web Proxy
Web Caching
Management
  • Policy Control
  • Logging
  • Reporting
  • Alerts

Foundstone also retested findings from its previous audit of SP1
and analyzed published SP1 vulnerabilities.

Foundstone installed and configured ISA Server 2000 to simulate a
“real world” Internet-connected environment. The product ran on a
PC with dual 733MHz Intel Pentium III CPUs, 512MB of RAM,
Windows 2000 SP2, and three Ethernet interfaces. Foundstone set
up ISA Server 2000 in integrated mode, including the H.323
gateway and the Message Screener. The cache size was 5GB.
Intrusion detection, logging of “allow”...