From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of john cesta
Sent: Saturday, November 20, 2004 8:45 AM
To: Ted Galerneau
Subject: RE: [IMail Forum] Blackice SettingsOn Fri, 19 Nov 2004 14:12:25 -0800, Ted Galerneau wrote:
> You also may want to open up your web calendaring port as well,
> then close everything thing else that you are not using. I set ours
> to paranoid, or whatever is the highest most secure setting.
>
> I am curious, did you get the server version or the regular version?
To run on the server you NEED the server version.
John
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Dan Horne
> Sent: Friday, November 19, 2004 7:17 AM To:
> [EMAIL PROTECTED] Subject: [IMail Forum] Blackice
> Settings
>
> I have just obtained BlackICE Server Protection for my mail servers
> to stop the flood of Dictionary attacks we are receiving. I have
> installed it and I have made the changes that "Cycle Rider"
> suggested, but I would just like to make sure I have all settings
> correct (not the edits proposed by "Cycle Rider" but the BlackICE
> settings. Right now it is running in "Trusting" mode, which means
> it isn't blocking anything. I also did not enable the Application
> Protection.
>
> My specific questions are these:
>
> 1) What Protection Level should I choose? This is a dedicated
> Imail box, so I just want to make sure everyone that needs to can
> access the proper ports. I chose Cautious for a second and wasn't
> able to connect on POP3, so I set it back to Trusting. This is the
> extent of my configuration testing so far.
>
> Ultimately I would like to block all ports except those I
> specifically request to be open, meaning Paranoid Level, so:
>
> 2) In the Advanced Firewall Settings, if I specifically allow SMTP,
> POP3, HTTP & HTTPS (webmail), and IMAP4 ports does this negate the
> "auto-blocking" feature on SMTP that is the whole reason I got the
> program?
>
> Dan Horne
> Web Services Administrator
> TAIS Web
> Wilcox World Travel & Tours
> [EMAIL PROTECTED]
> ----------------------------------------------------
>
> CONFIDENTIALITY NOTICE:
> This email message, including any attachments, is for the sole use
> of the intended recipient(s) and may contain confidential and
> privileged information. Any unauthorized review, use, disclosure or
> distribution is prohibited. If you are not the intended recipient,
> please contact the sender by reply email and destroy all copies of
> the original message.
>
> SPAM-FREE 1.0(2476)
>
>
> To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
> List Archive: http://www.mail-
> archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ:
> http://www.ipswitch.com/support/IMail/
>
>
> To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
> List Archive: http://www.mail-
> archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ:
> http://www.ipswitch.com/support/IMail/
Yes, I did get the server version. I finally got it
working just as suggested. I opened ports 25, 110, 143, 389, 443,
3389, 8484, and 8485. That gives me SMTP, POP3, IMAP4, LDAP, WWW,
SSL, Web Calendaring, Web Calendaring via SSL, and Terminal services. Then
I set it to paranoid. I had some problems at first with Declude processes
backing up, but an uninstall and reinstall of BlackICE seems to have fixed
that. I then put in the edits suggested by "Cycle Rider" and have been
watching the thing autoblock all weekend! It's
great!
