1. The document describes the risk of using the Microsoft ISA Firewall Client software, which allows direct unfiltered internet connections that can be used by peer-to-peer and spyware programs.
2. The risk is rated as medium likelihood but high impact, as virus infections and uncontrolled bandwidth usage from spyware could occur.
3. Recommended preventative actions include keeping the machine fully patched, installing Windows XP SP2, a personal firewall, and anti-spyware software.
1. The document describes the risk of using the Microsoft ISA Firewall Client software, which allows direct unfiltered internet connections that can be used by peer-to-peer and spyware programs.
2. The risk is rated as medium likelihood but high impact, as virus infections and uncontrolled bandwidth usage from spyware could occur.
3. Recommended preventative actions include keeping the machine fully patched, installing Windows XP SP2, a personal firewall, and anti-spyware software.
1. The document describes the risk of using the Microsoft ISA Firewall Client software, which allows direct unfiltered internet connections that can be used by peer-to-peer and spyware programs.
2. The risk is rated as medium likelihood but high impact, as virus infections and uncontrolled bandwidth usage from spyware could occur.
3. Recommended preventative actions include keeping the machine fully patched, installing Windows XP SP2, a personal firewall, and anti-spyware software.
1. The document describes the risk of using the Microsoft ISA Firewall Client software, which allows direct unfiltered internet connections that can be used by peer-to-peer and spyware programs.
2. The risk is rated as medium likelihood but high impact, as virus infections and uncontrolled bandwidth usage from spyware could occur.
3. Recommended preventative actions include keeping the machine fully patched, installing Windows XP SP2, a personal firewall, and anti-spyware software.
Download as DOC, PDF, TXT or read online from Scribd
Download as doc, pdf, or txt
You are on page 1/ 2
RISK FORM NAMPAK Regional
RISK DETAILS Risk: Microsoft ISA Firewall Client software Risk ID: Raised By: BCX Security Date Raised: 23 February 2006 Risk Review Date Risk Description The Firewall client is used for direct Internet connections, i.e. Programs without any proxy settings will be able to use the Firewall client to connect to the internet. Thus meaning that any port or protocol can be used though the firewall client to connect to the internet. These connections are called Winsock connections. The firewall client can be controlled by the ISA server through port and protocol rules, but a program e.g. Kazaa (P2P) uses its own custom protocol. The Kazaa protocol can even be routed through a HTTP or HTTPS port.
1. The biggest problem will be Peer 2 Peer (P2P) software e.g. Kazaa. A program like Kazaa uses the firewall client to connect to the internet. 2. Spy ware will be a huge risk, as Spy ware programs can access the internet directly through the firewall client. 3. Proxy avoidance programs can also be used, thus meaning a user can bypass the local Microsoft ISA proxy server and use an internet proxy server for his browsing and downloading. This user will not be blocked or filtered, e.g. Web Marshall, because the connection made to the internet proxy will be through port 80 HTTP connection and thus showing only one IP address. 4. Video and audio streaming will evidently become a problem. This connections will be similar to Internet radio streaming and programs e.g. Skype (Internet telephony)
The Firewall client can be controlled, but only to a certain extend by the Microsoft ISA proxy server.
Developers of e.g. Kazaa have created mechanisms to bypass proxies and firewalls for people to connect to their networks and everyday there are more developers of other programs doing the same.
Risk Likelihood Risk Impact
Medium – With recommended preventative actions. High – Virus infections may occur in the event of “download/hacking” software being used. Spy Ware programs that execute in the background and utilise Bandwidth uncontrolled. RISK MITIGATION Recommended Preventative Action The onsite technician will need to make sure that the machine is fully patched with Microsoft patches and keep them up to date plus all product upgrades. Also make sure that it has Win XP SP2 and a personal firewall installed. It is also recommended to install Anti-Spy Ware software for extra precaution measures.
Recommended Contingent Action:
Make use of Anti Spy Ware programs and personal firewall software. APPROVAL DETAILS Nampak: Mr. B B??? Signature: Date:
