ISA Server 2006
Telecom Network Solutions
Publishing by: VietCERT.com, VietnamLAB.com, ICTExpress.com
Document: published by VietCERT - VietnamLAB. Please send all comments to:
Email: info@VietCERT.com  Phone: 0916721672  Mr. Tran Quoc Toan

Table of Contents

CHAPTER I: Introduction to the VietCERT system and configuring the required services
1. Installing the IIS 6.0 web server
2. Installing and configuring DNS
3. Installing and configuring the Certificate Authority server
4. Requesting a certificate for the web server
5. Configuring the web server to use SSL
6. Building the Active Directory system
7. Configuring RADIUS authentication

CHAPTER II: Installing ISA Server 2006
8. Introduction to the lab topology
9. Installing the Service Pack for Windows
10. Configuring the TCP/IP settings required by ISA Server
11. Installing ISA Server 2006
12. Tasks to complete after installation

CHAPTER III: Configuring Outbound Internet Access
13. Topology for the lab
14. The client types of ISA Server 2006
15. Configuration basics on ISA Server 2006
16. Creating Access Rules for clients to access the Internet
17. Backing up Access Rules
18. Importing Access Rules
19. Analyzing the NAT mechanism of a Network Rule
20. Analyzing the Routing mechanism of a Network Rule

CHAPTER IV: Configuring the firewall features of ISA Server 2006
21. Analyzing the structure of a packet
22. Classifying firewalls
23. Configuring the Perimeter Network
24. Using Network Templates
25. Configuring System Policies
26. Configuring the Intrusion Detection Service
27. Configuring the Flood Mitigation feature of ISA Server 2006
28. Enabling and disabling the IP security features

CHAPTER V: Configuring Publishing with ISA Server 2006
29. Configuring DNS for a Publishing Rule
30. Creating a Web Publishing Rule
31. Creating a Secure Web Publishing Rule
32. Configuring a Server Publishing Rule
33. Publishing multimedia server systems

CHAPTER VI: Combining ISA Server 2006 and Exchange Server 2003
34. Overall topology
35. Configuring an SMTP Publishing Rule
36. Configuring SMTP Filtering
37. Configuring an OWA Publishing Rule
38. Configuring an RPC Publishing Rule
39. Configuring a Publishing Rule for clients that use POP3 and IMAP4

CHAPTER VII: Using the filters on ISA Server 2006
40. Understanding Application Filters on ISA Server 2006
41. Configuring the HTTP Web Filter
42. Configuring the FTP and SOCKS Application Filters

CHAPTER VIII: Configuring VPN on ISA Server 2006
43. Lab topology
44. Configuring dynamic IP assignment for VPN clients
45. Configuring Authentication
46. Configuring User Accounts for VPN clients
47. Configuring VPN on ISA Server (Client to Gateway)
48. Creating and connecting VPN clients from Windows
49. Configuring Site-to-Site VPN with ISA Server 2006

CHAPTER IX: Deploying Caching on ISA Server 2006
50. Understanding Caching
51. Configuring ISA Server 2006 as a Proxy Server
52. Configuring clients to use ISA as a Proxy Server
53. Understanding the Default Cache Rule
54. Creating a Cache Rule
55. Configuring a Scheduler Download Job

CHAPTER X: Monitoring ISA Server 2006
56. Overview of the monitoring system
57. Configuring Alerts
58. Session Monitor
59. Configuring Logging
60. Configuring Reports
61. Monitor Connectivities
62. Managing the ISA Server services
63. Managing Server Performance

CHAPTER I
Introduction to the VietCERT system and configuring the required services

This chapter walks through configuring the basic services required by the labs in later chapters, such as the Web Server, Mail Server and Certificate Authority server.

1. Installing the IIS 6.0 web server

The web server will be installed together with the Certificate Server in lab 5. This section shows how to install IIS on its own. IIS is built into Windows Server 2003 and is installed through Add/Remove Windows Components.

Open Control Panel and choose Add/Remove Programs.

Figure: Using Add/Remove Programs to add the Web Server service to Windows.

Next, choose Add/Remove Windows Components.

Figure: Add/Remove Windows Components.

Select Application Server.

Figure: On Windows 2003, the IIS 6.0 web server is part of the Windows Application Server component.

Click Next.

Note: Take care not to tick FTP, SMTP or NNTP under Application Server; they are left disabled because we have not installed Exchange Server 2003 yet. These services are very easily attacked, so enable them only when they are really needed.

Enter the path to the Windows 2003 i386 folder and click OK.

Figure: Adding a service requires the Windows 2003 source so that Windows can copy the additional files.

You may have to enter this path several times while IIS 6.0 is being installed.

We use the Internet Information Service console to manage the IIS web server on Windows 2003. The version of IIS on Windows 2003 is 6.0.

Figure: Internet Information Service Manager is used to manage the web server on Windows 2003.

The Internet Information Service console looks like the following figure. All web sites on this server are hosted on the web server. An IIS installation always includes a pre-created default site named Default Web Site. Do not delete this site, because it is used for many purposes. Microsoft uses it to configure its own web-based services such as SharePoint Portal, CRM ... and also Certificate Service, as in this lab.

Figure: Default Web Site is a pre-created web site that is used by other Windows services.

Creating a web site on IIS 6.0

To host several web sites on the IIS server that all use port 80, we use host headers to name the sites. For the names of these sites to resolve, we have to configure the DNS server in the DMZ to resolve the domain names. DNS configuration is covered later.

Note: VietCERT's software development team supplied us with the site source and pre-installed the database, which runs on SQL 2005. We store all of the web content in a local folder: D:\WebSites

Right-click Web Sites and choose New Web Site.

Figure: Choose New Web Site to create a new web site on the IIS server.

In Description, type HocMang.com.

Figure: The description for the HocMang.com web site.

The description is for display only, but it is useful if the administrator makes good use of it.

Click Next.

Specify the connection settings for this web site. We use a host header for the site, which forces users to type http://www.hocmang.com before they can reach our web site.

Figure: Host header and site information. Once a host header is configured for a web site, users must type exactly the host header name declared for the site in order to reach the right site on the web server.

Click Next.

For Home Directory, click Browse and select E:\WebSites, the folder that holds the hocmang.com site.

Figure: Specifying the local path that holds the web site. The site content was supplied by the web design team.

Click Next.

Figure: Configuring permissions for the web site. We keep the default, Read for everyone. For a basic level of security, do not grant Browse or Execute unless the site uses CGI.

Keep the default settings and click Next.
Click Finish.

Next we specify that index.htm is the page loaded when a user visits http://hocmang.com, that is, the home page. With rented hosting this is normally preconfigured, and the home page file usually has to be index.* or default.*

Right-click the HocMang.com web site and choose Properties.
Select the Documents tab.
Check whether index.htm is listed, and remove the names that are not needed.

Figure: The Documents tab in IIS lets the administrator choose which page is the home page for the whole site. The home page is loaded first when a user types www.hocmang.com.

Check the newly created site by right-clicking it and choosing Browse.

Figure: Right-click and choose Browse to display the site content in the IIS console.

The content of the hocmang.com site, supplied to us by the web design team, is displayed in the IIS window.

Figure: The hocmang.com content is shown directly in the IIS window when the administrator uses the test function of the IIS server.

Note: You may hit an error at this step and be unable to browse the content of the site you just configured. The cause is not very complicated: your DNS has not yet been configured to resolve the host name www of the domain hocmang.com. You need basic DNS knowledge to configure the domain name hocmang.com with a host www that points to the IP address of the web server.

2. Installing and configuring DNS

This section covers the DNS server on the LAN and also the DNS server in the DMZ network. The DMZ network DNS server lets ISA Server see the web sites of the IIS server in the DMZ.

Installing the DNS server on the LAN

Open Add/Remove Windows Components in Control Panel.

Figure: Adding the DNS service with the Add/Remove Windows Components wizard of Windows 2003.

Choose Add/Remove Windows Components.

Figure: Windows Components.

Next, highlight Network Services.
Do not tick the Network Services entry itself; click Details to choose the individual components inside it.

Figure: Do not tick Network Services; use the Details button to show which individual services need to be installed.

Select Domain Name System (DNS) and click OK.

Figure: We install only the DNS server on this machine and do not select any other services.

Click OK.

Next, configure the machine that runs the DNS server to point to itself for DNS. Strictly speaking, a separate DNS server installation is not necessary, because we can use the DNS server on the domain controllers. When DCPROMO is run, Windows requires a DNS server to be configured on the domain controller in order to take advantage of zones integrated into Active Directory.

Figure: Configuring TCP/IP on the DNS server.

On ISA Server we use three interfaces to communicate with three networks: Internal, DMZ Network and External. Only the External interface has a default gateway configured. In fact, on ISA Server we have to configure the routing table in the Routing and Remote Access service.

Configuring the DNS server TCP/IP settings on ISA Server

We configure DNS only on the Internal interface of ISA Server. All name-resolution requests from ISA Server are sent to the DNS server inside the LAN, and that DNS server forwards them to the DNS server in the DMZ network.

Nothing related to DNS is configured on the External interface of ISA Server. DNS must be configured on the Internal interface so that ISA Server can register its own host records in the DNS zone, which supports the Auto Discovery feature of the clients.

Figure: ISA Server uses its Internal interface to reach the DNS server on the internal network. All clients and member servers on the LAN use the internal DNS server. The local DNS server uses forwarders to public DNS and to the DNS server in the DMZ network.

The DNS server on the Internal network must be configured with forwarders to the DNS server in the DMZ in order to resolve the domain names of the web sites VietnamLAB.com, VnCERT.com and ICTExpress.com. We use the Conditional Forwarder feature of Windows 2003.

Right-click the DNS server on the LAN and choose Properties.

Figure: DNS server Properties, used to configure forwarders.

Select the Forwarder tab.
Click New.

Figure: Configuring a conditional forwarder on the local DNS server.

Note: The Conditional Forwarder feature, available only on Windows 2003, forwards to different DNS servers to resolve the domain names that have been declared.

Type the domain name Vietnamlab.com.

Figure: The domain name created for the forwarder is vietnamlab.com.

Click OK.
Enter the IP address of the DNS server in the DMZ, 203.162.23.35.

Figure: Configuring the IP address of the DNS server used to resolve the domain name vietnamlab.com.

Click Add to add this IP address; the DNS server at this address will be used when resolving the domain name vietnamlab.com.

Next, click New Domain Name and type the domain name ICTExpress.com.
Click OK.
Enter the IP address of the DNS server in the DMZ, 203.162.23.35.
Click Add.
Do the same for VnCERT.com.
Click OK.
Enter the IP address of the DNS server in the DMZ, 203.162.23.35.

Figure: Continuing to configure forwarders for the domain names in the DMZ network.

Click OK to close the DNS server Properties window. The next step is to check the forwarders of the DNS server.

Checking the DNS server forwarders

On ISA Server 2006, run NSLOOKUP:
Choose Run and type CMD.
Type the command NSLOOKUP.
Then type the names of the three domains configured as forwarders above.

C:\>NSLOOKUP
Default Server:  dc1.vietcert.com
Address:  192.168.0.2

> vietnamlab.com
Server:  dc1.vietcert.com
Address:  192.168.0.2

Non-authoritative answer:
Name:    vietnamlab.com
Address:  203.162.24.35

> VnCERT.com
Server:  dc1.vietcert.com
Address:  192.168.0.2

Non-authoritative answer:
Name:    VnCERT.com
Address:  203.162.24.35

> ICTExpress.com
Server:  dc1.vietcert.com
Address:  192.168.0.2

Non-authoritative answer:
Name:    ICTExpress.com
Address:  203.162.24.35
>

Configuring the DNS server in the DMZ

On the DMZ DNS server we create zones under Forward Lookup Zone. The domain we create is hocmang.com, containing a host www that points to the IP address 203.162.23.34, the web server running IIS that hosts www.hocmang.com.

Open DNS on the server 203.162.23.35 and select Forward Lookup Zone.
Right-click and choose New Zone.

Figure: Creating a new zone on the DNS server in the DMZ network.

Click Next.

For Zone Type, keep the default, Primary, for the first zone.

Figure 28: A primary zone lets the DNS server manage its own database. The DNS server that holds the primary zone has full authority to change the zone. The first DNS server in a system always holds the primary zone.

For Zone Name, type hocmang.com.

Figure: The DNS server in the DMZ will resolve the domain name hocmang.com.

Click Next.
Keep the default Zone File setting and click Next.

Figure: For a standard zone, the zone file is stored by default in %systemroot%\system32\dns\ with the file name domain.com.dns.

Do not select Allow Dynamic Update, and click Next.

Figure: Dynamic updates do not need to be enabled in this case, because a public DNS zone does not need dynamic updating the way an Active Directory zone does. Turn dynamic updates off to protect the domain name.

Click Finish.

Next, create the host www in the zone hocmang.com: right-click the zone and choose New Host.

Figure: Creating a new host record for the web server in the DMZ network. This DNS server has a public IP address and will be designated as the name server of this zone.

Type www, and in the IP field type 203.162.23.34.

Figure: The IP address of the web server in VietCERT's DMZ network is 203.162.23.34.

Click OK.

Check the result by browsing to http://www.hocmang.com; the page shown should be the same as when we type http://203.162.23.34.

Figure: The www.hocmang.com content is displayed when the DNS server in the DMZ network is used to resolve the IP address.
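The DNS steps of this section expressed as commands, as an added example that is not part of the original guide. It assumes dnscmd.exe from the Windows Server 2003 Support Tools is on the PATH; the script name, its lan/dmz argument and the zone file name hocmang.com.dns are assumptions, while the domain names and addresses are the ones used in the lab.

```batch
@echo off
rem Added example, not from the original guide.
rem Usage (script name is hypothetical):
rem   dnslab.cmd lan    run on the LAN DNS server (192.168.0.2)
rem   dnslab.cmd dmz    run on the DMZ DNS server (203.162.23.35)
rem Assumes dnscmd.exe (Windows Server 2003 Support Tools) is on the PATH.
setlocal
set LAN_DNS=192.168.0.2
set DMZ_DNS=203.162.23.35
set WEB_IP=203.162.23.34

if /I "%~1"=="lan" goto lan
if /I "%~1"=="dmz" goto dmz
echo Usage: %~n0 lan ^| dmz
exit /b 2

:lan
rem One conditional forwarder per DMZ-hosted domain, each pointing at the
rem DMZ DNS server. This is what the Forwarder tab steps create in the GUI.
for %%D in (vietnamlab.com ictexpress.com vncert.com) do (
    dnscmd . /ZoneAdd %%D /Forwarder %DMZ_DNS% || echo [WARN] forwarder for %%D was not added, check whether it already exists
)
rem Ask the LAN server for each name. A forwarded name comes back as a
rem non-authoritative answer served by %LAN_DNS%.
for %%D in (vietnamlab.com ictexpress.com vncert.com) do (
    nslookup %%D %LAN_DNS%
)
goto :eof

:dmz
rem Standard primary zone kept in a zone file (file name is an assumption
rem that follows the domain.com.dns pattern described in the guide).
dnscmd . /ZoneAdd hocmang.com /Primary /file hocmang.com.dns || echo [WARN] zone hocmang.com was not created, check whether it already exists

rem Public zone: refuse dynamic updates, as the wizard step does.
dnscmd . /Config hocmang.com /AllowUpdate 0

rem Host (A) record www pointing at the DMZ web server.
dnscmd . /RecordAdd hocmang.com www A %WEB_IP%

rem Read the settings back so the result can be reviewed.
dnscmd . /ZoneInfo hocmang.com AllowUpdate
dnscmd . /EnumRecords hocmang.com www
goto :eof
```

Reading AllowUpdate back after the change is the quick way to confirm that the public zone still refuses dynamic updates after later edits to the server.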

3. Installing and configuring the Certificate Authority server

At VietCERT we configure our own certificate server to issue certificates to customers; in the future we may use them as membership cards for loyal customers of the www.hocmang.com web site. For now, the VietCERT CA server issues certificates for the purpose of encrypting information. The web sites VietnamLAB.com, hocmang.com and ICTExpress.com are configured to encrypt HTTP with SSL (also called HTTPS). We use the Certificate Authority on Windows 2003.

Open Control Panel.
Choose Add/Remove Programs.

Figure: Using Add/Remove Programs in Control Panel to add services to Windows.

Next, click Add/Remove Windows Components.

Figure: Choose Add/Remove Windows Components to add services to Windows.

Select Certificate Authority. When selecting it, we must be sure that the web server has already been installed.

Figure: Certificate Services on Windows 2003 manages the certificates and private/public keys on Windows 2003.

Windows warns the user that once Certificate Services is configured, the server name can no longer be changed. Click Yes to continue the configuration.

Figure: After Certificate Service is installed the computer can no longer be renamed, because the computer name has been signed into the root certificate of the certificate server.

Also select Application Server to install the web server for the CA server. A standalone CA server can issue certificates only through its web site.
Click OK.

Next, configure the information for the Certificate Authority server. We use a standalone server because we do not want it to be tied to the domain: this CA server will be used by Internet users. A standalone server must also have the IIS web server installed so that clients can request certificates over the web.

Figure: A standalone certificate server serves everyone and can issue certificates only through its web site.

Click Next.

Enter the information for the Certificate Services being configured. An expiry period of about two years is reasonable for certificates issued by this server. Self-issued certificates such as VietCERT's can be used for SSL only to encrypt the connection, as a formality. The main function of a certificate is to authenticate the server, but that authentication is meaningless here because nobody on the Internet trusts our certificate server.

Figure: Entering the information for the certificate server.

Click Next.
Specify the path to the database of the certificate server.

Figure: Specifying the path where the certificate data is stored.

Keep the defaults and click Next.

Windows asks for the disc containing the Windows 2003 i386 source. We use Windows 2003 Standard Edition, so we must supply the i386 disc of the Standard edition.

Figure: Windows asks for the Service Pack disc or the Windows 2003 source disc.

Click Next to install Certificate Services.

Certificate Service warns the user that it will enable the ASP.NET service to support the web pages used to request certificates. If the administrator does not enable this service, certificates cannot be requested over the web, and a standalone Certificate Service supports requesting certificates only over the web.

Figure: The certificate request web site is written in ASP.NET, so the system has to enable ASP.NET to support it.

Click Yes to continue the installation.
Finally, click Finish to complete the installation of Certificate Service.

As a management tool, Windows provides the Certificate Authority Management Console.

Figure: Use the Certificate Authority snap-in to manage the certificates that have been certified for users, services and servers.

With this tool we can manage the issuing of certificates and revoke them.

Figure: The Certificate Authority tool on Windows 2003.

Certificates that are waiting to be issued appear under Pending.

Figure: Pending certificates are listed in the Pending area. With a standalone server, issuing them has to be done by an administrator.

Certificates that have been issued appear under Issued.

Figure: Certificates that have been certified and issued to clients are stored in the Issued Certificates area.

The list of certificates that have expired or been revoked is under Revocation List.

4. Requesting a certificate for the web server

Before configuring SSL for the www.hocmang.com web site, we must determine the Common Name, which is the name of the site. We have registered this domain name, and its content is currently the www.vietnamlab.com web site.

The general procedure for requesting a certificate for a web site is to go to the web server, generate a private/public key pair, and export the web server's public key on its own to a file.

We then ask Certificate Service to certify that the web server's public key matches what the site owner supplied in the certificate request. Certificate Service creates a certificate for the web site, and this certificate is imported into the web server so that it can run with SSL.

Step 1: generate the keys and export the public key for the web site

Open IIS, select the www.hocmang.com site that will be configured for HTTPS, right-click and choose Properties.
On the Directory Security tab, click the Server Certificate button.

Figure: Configuring a certificate request for a web site on IIS 6.0.

Windows continues with a wizard that helps the administrator enter the information for the web site and generate the private/public key pair.

Select the option Create a New Certificate to create a new certificate for clients.

Figure: Creating a certificate request to send to the certificate web site for certification.

Click Next.
Choose Prepare the request now, but send it later to generate a public key and export it to a file.

Figure: Creating the certificate request file in plain text so that the certificate server can certify it.

Click Next.

Enter the information for the web site that is being configured for SSL. Note that the Common Name must match the domain name registered on the Internet and must be the name users will use to access the site: www.hocmang.com

Figure: The name of the certificate and the length of the key used for encryption.

Click Next.

Enter the information about the company that hosts the www.hocmang.com site. Where necessary, the certificate administrator is responsible for verifying that this information is accurate.

Figure: Entering the certificate organization information.

Click Next.

Enter the Common Name for the certificate. The Common Name must match the registered name and the name of the site that users type to access it.

Figure: The Common Name is the name shown on the certificate. It is stored in the certificate, and it must match the name of the web site that users access.

Click Next.

Enter the company and country information.

Figure: Entering the information about the organization requesting this certificate, that is, the business that owns the web site to be certified. This information is encoded to form the public key and is stored in the certificate.

Click Next.

Specify the path of the file that will hold the web site's public key. The content of this file will be certified by a Certificate Service.

Figure: The path where the file containing the public key of the hocmang.com site we just configured is saved. The content of the public key is also related to the information entered in the wizard.

Click Next.

The wizard summarizes all of the information entered. Check the Common Name again: it is very important that the Common Name is exactly right when the certificate is requested.

Click Finish.

Step 2: have the public key certified and create the certificate

A standalone CA server supports certificate requests only from the CA server's web site.
Open the certificate request web site at
http://192.168.0.2/certsrv

Figure: The certificate issuing web site of Certificate Service on Windows 2003.

Next, click Advanced Certificate Request to reach the page that allows a certificate to be issued for the web server.

Figure: Choose the advanced option to request a certificate through a special page for the case where the public key has already been generated.

The next page shows what has to be entered. We choose the second option to submit the public key that already exists in the file Certreq.txt.

Figure: Choose this option to request a certificate from a file that contains an existing public key.

Copy the entire content of the file Certreq.txt into the window on the Certificate Service web page.

Figure: The content of certreq.txt can be displayed with Notepad because the file is plain text. It contains the public key of the web site, which needs to be certified in order for a certificate to be issued.

Copy the entire content of this file into the Save Request box.

Figure: Pasting the entire content of certreq.txt into the web site window on the certificate server.

Click Submit to send it to the certificate server.

Figure: The Request ID shows how many certificates this certificate server has issued.

How long the wait is depends on whether the certificate administrator issues the certificate.

Figure: Issuing a certificate that is in the Pending state.

The administrator has to open the CA server console and click Issue; at this point the certificate is in the Pending state.

Figure: With a standalone certificate server, certificates can only be issued manually.

Go back to the CA server web site to download the certificate, and download the certificate chain in order to import the root CA server certificate and establish trust.

Figure: Checking whether the certificate has been issued by the administrator yet.

On the client, we use the Certificate snap-in for management. Certificates used for the web are placed under Service Certificate.

Figure: Click the Download Certificate link for the certificate that has been certified and issued by the Certificate Authority.

Click Download Certificate Chain to download the certificate for the web server together with the root certificate, in order to trust the certificate server.
Click Download Certificate to download the certificate for the web site.

Click Save to save the file Certnew.cer.

Figure: Click Save to download the certificate as a .CER file.

Choose C:\CertNew.cer as the path for the certificate.

Figure: Saving the certificate file to the Desktop.

Click Close. Do not use the Open function on this certificate file.

Next, download the certificate chain.

Figure: Downloading the certificate from the Certificate Authority.

Click Save to save the certificate chain file.

Figure: The certificate chain is saved as a p7b file containing two certificates: one for the root Certificate Authority server and one for the web server.

We also save this file in C:\ together with the file Certnew.cer.

Click Open to open this file, go to the path CERTNEW.P7B > Certificate, and double-click VietCERT Certificate Service in order to trust the VietCERT Certificate Authority server.

Click Open to open the certificate and proceed with Install Certificate.

Click Install Certificate to import the certificate into the web server. This step only establishes trust in the Certificate Authority server.

Figure: Installing the root certificate of VietCERT Certificate Service in order to trust this server.

Continue through the wizard and use the Browse button to select the Trusted Root Certification Authorities store.

Figure: Importing the certificate into Trusted Root Certification Authorities in order to trust the Certificate Authority server.

Click Next.
Click Finish to import the certificate into the web server and complete the trust process.

On the web server, open the www.hocmang.com certificate to see whether it is now trusted.

Figure: This icon shows that the certificate is trusted. The web server came to trust the Certificate Authority during the earlier Install Certificate step.

Next we configure this certificate for the www.hocmang.com web site on the DMZ network.

5. Configuring the web server to use SSL

We use Windows 2003 as the server, so the web server is IIS 6.0. On the IIS server we host several web sites by using host headers.

Right-click the HocMang.com web site and choose Properties.
Select the Security tab and choose Server Certificate.

Figure: Assigning the certificate to the web server after it has been issued by the Certificate Authority.

There is no need to configure a request now; just choose Process the pending request and install the certificate.

Figure: Choose Process to continue configuring HTTPS for the web site.

Click Next.
Enter the path of the file certs.crt.

Figure: Specifying the path of the certificate file for the web site.

Click Next.
Choose the port this web site uses for HTTPS, which is 443.

Figure: Configuring the port for the web site when SSL is used.

Click Next.
Review the summary of the web site information.

Figure: Summary of the certificate configuration for the hocmang.com web site.

Click Finish.

Forcing users to access the site over SSL

Right-click the web site and choose Properties.
Select the Directory Security tab.
Click Edit Settings.

Figure: Click Edit to make SSL mandatory for this web site.

Select Require secure channel (SSL) and select Require 128-bit encryption.

Figure: Requiring clients to use HTTPS when they access this web site.

Click OK.

Any user who accesses this site over HTTP receives an error.
Test the site again by opening Internet Explorer and typing the address http://www.hocmang.com; we receive a message saying that the site must be accessed through the secure path, that is, https.

Figure: Internet Explorer requires HTTPS to be used when accessing the hocmang.com web site.

Access the site again with the link https://www.hocmang.com
The site is reached normally.

Figure: The hocmang.com content displayed over HTTPS. Note the yellow padlock in the bottom right corner of the window, which shows that this site is using HTTPS.

6.

Xy dng h thng Active Directory


HthngActiveDirectorycaVietCERT.comcxydngtrongbtiliu
thchnhmn70294canhmbinsanVietCERT.TrongvngDMZNetwork
cthchngtisxydngmththngDomainICTExpress.comchng
thcSingleSignOnchochthngDMZ.
ViccuhnhActiveDirectorytrnvngDMZcngkhngquphctp,chng
tidngmtServertrongvngnyvchyDCPROMO
VoRUNgDCPROMO

SdngWizardDCPROMOcuhnhActiveDirectorytrnServerthnhDomainController

ClickNextchnkiucuhnhchoDomainController.

CuhnhDomainControllerchomtDomainmiviOptionDomainControllerforaNew
Domain.ChcnngnycsdngkhitomtDomainControllermichomtForest,Treehoc
mtChildDomain.

Tiliu:PublishingbiVietCERTVietnamLABmikinnggpxingiv: 56
Email:info@VietCERT.comPhone:0916721672Mr:TrnQucTon

ISA Server 2006

Select Domain in a new Forest

A new forest comes into existence with the first domain controller of the first domain
in the entire forest. Our current system has no domain yet, so we must
choose this option.

The next step is to specify the DNS-style domain name

The DNS-style domain name we use is ICTExpress.com. Normally the domain name is
companyname.com. ICTExpress.com will be the first domain of the forest in the DMZ network; it
acts as the forest root domain, and Server1.ICTExpress.com is the first domain controller of the
forest.

Specify the name of the Active Directory to be built. Throughout this model we
build an Active Directory system named ICTExpress.com (the name is not
case-sensitive). The DNS domain name will be ICTExpress.com.
Next, specify the NetBIOS domain name for Active Directory. This name is used
by pre-Windows 2000 clients to resolve Active Directory
information.

By default the NetBIOS domain name is taken from the DNS domain name with the trailing .com
removed. The NetBIOS domain name is used by pre-Windows 2000 clients.

Click Next, leaving the configuration above at its defaults
Click Next to specify the path where the Active Directory database will be stored.

NTDS is where the Active Directory database of each domain controller is stored. This folder needs
high performance, so it is best moved to a dedicated SCSI drive.

The SYSVOL folder is where the Group Policy database for the whole domain is stored


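The Sysvol folder indicates that this machine is a domain controller of a domain. Sysvol holds all GPOs
in the form of GUID folders.

Click Next. If you have configured everything correctly, DCPROMO displays the
following.

DCPROMO reports on the DNS zone check

Configuring Permissions is in fact configuring the Domain Functional Level at which the domain
operates. The Domain Functional Level has 3 levels: Mixed Mode,
Native Mode and Server 2003.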


Configure the domain to operate in Native Mode. If you choose the upper option, Mixed Mode is
set up, which suits systems that still use Windows NT 4.0 as a domain controller.

Configure the password for the Administrator in Restore Mode

The Restore Mode password is configured separately for the local Administrator of each domain
controller. The local Administrator account used in Restore Mode has its password stored in the SAM file
of each individual domain controller.

Wait for DCPROMO to complete, then restart the server.


The icon shown while building a completely new domain controller.

You must restart the server after DCPROMO finishes

Restart the server to complete the promotion to a domain.

After the restart, the server has become the first domain controller
of the forest.

Join the servers in the DMZ network to the domain ICTExpress.com
so that Single Sign-On can be used. The first step when configuring a domain join
is to set the TCP/IP settings so that the DNS server points to the domain controller


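Configure DNS in the TCP/IP configuration to point to the DNS server of the DMZ network. If this is
wrong, the SRV records cannot be resolved to the IP address of the domain controller and the domain join
fails.

Next, go to the Computer Settings, Computer Name section, and choose Change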


Click Change to rename the computer or to change its role as a member of a domain or a workgroup

Click the Member Of section and type the domain name ICTExpress.com

Member Of Domain indicates that this client/member server will be a member of the domain named
ICTExpress.com. We join this domain by its DNS domain name, so the DNS
SRV records must exist on the DNS server.

Type the username/password of any user in the domain.
Restart the server after it has joined the domain successfully
Next, configure the trust between the 2 forests VietCERT.com and ICTExpress.com. The
trust type used is External Trust, so that Single Sign-On can be used between these 2 forests
through ISA Server. For configuring domain trusts, see
the VietCERT lab manual for course 294.
Note: Clients of the 2 domains can communicate with each other. For the trust to work, we
must configure ISA Server to open the traffic required for Kerberos.



7. Configuring the RADIUS authentication service


On firewall devices, authenticating with a username/password requires
an authentication server. On Windows we use a RADIUS server (on
Windows it is called Internet Authentication Server, IAS).

The RADIUS server decides whether a logon to ISA Server succeeds or fails. RADIUS
uses UDP to transport its packets, so it can be attacked. ISA Server can use
RADIUS to authenticate users in an Access Rule.

Installing RADIUS
Open Control Panel and choose Add/Remove Programs


Add/Remove Programs is used to install the RADIUS server service on Windows 2003. The RADIUS server is
a free service built into Windows 2003.

Select Add/Remove Windows Components

Additional Windows services can be added through Add/Remove Windows Components

Select Network Services

We do not tick Network Services; instead we press Details to select only the
Internet Authentication Service (IAS), which is RADIUS on Windows 2003.

Click Details, then select Internet Authentication Service (IAS)


Select the Internet Authentication Service and click OK to install the RADIUS server on
this server.

Click OK
Click OK and specify the path to the Windows 2003 i386 folder

To keep the system lightweight, Windows 2003 does not keep the i386 source in the installation; instead
the user must specify the source CD while installing RADIUS

Configuring the RADIUS server to allow ISA Server to authenticate
Next, configure the IAS server (RADIUS server) and declare ISA Server as a
client of the RADIUS server.
Open Administrative Tools and choose Internet Authentication Service


The RADIUS server on Windows 2003 is called Internet Authentication Service

The IAS server interface on Windows 2003

The RADIUS server interface on Windows 2003.

Select RADIUS Clients, then right-click and choose New to declare ISA Server as
a client of the RADIUS server


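Creating RADIUS clients on the Windows 2003 RADIUS server.

For Friendly Name we type the display name of ISA Server, Firewall
Next, type the IP address of ISA Server

The IP address of the RADIUS client is the IP address of the ISA Server 2006 firewall

Click Next
Specify the parameters the RADIUS server uses to communicate with the client. For ISA Server to
authenticate through the RADIUS server, it must be given exactly the shared key configured on
the RADIUS server.
We configure the shared key as 123abc!@#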


The shared key is used by RADIUS clients to authenticate to the RADIUS server. The shared key must
be identical on the clients and the server.

Click Next
This completes the creation of the RADIUS client on the RADIUS server.

Configuring ISA Server 2006 to use the RADIUS server
Open the ISA Server Management Console and choose Configuration
Then choose General
In the Details pane choose Specify RADIUS and LDAP Servers


Use the RADIUS configuration function under General in the ISA Server Management Console.

Click Add to add the RADIUS server to ISA Server. ISA Server will be a client of
the RADIUS server.

Click Add to add the RADIUS server used to authenticate traffic from clients.

Enter the information about the RADIUS server.
Server IP is 192.168.1.2, the IP address of the RADIUS server.
The Description field can be ignored.
Most important is the Shared Secret field, which must match the string declared
on the RADIUS server, 123abc!@#


Enter the RADIUS server information for ISA Server. ISA Server sends authentication requests to
the configured RADIUS server and uses the shared secret key to authenticate to it.
RADIUS uses UDP port 1812.

Click OK
Return to the Authentication Servers configuration and check the IP and port of
the RADIUS server in use, which is 1812 UDP.


After adding the RADIUS server to ISA Server, we review the configuration
in ISA Server. Check the IP address and the port number in use. If this part is misconfigured, ISA Server
fails when it uses the RADIUS server for authentication.

Click OK
The RADIUS server will be used when configuring Access Rules, VPN and Web Proxy on
ISA Server
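The role of the shared secret described above, as an added example that is not part of the original manual: it follows the User-Password hiding and Response Authenticator rules of RFC 2865, so a secret that differs between ISA Server (the RADIUS client) and IAS makes the password unreadable and the reply unverifiable. The secret is the lab value from the text; the user name, password and request authenticator are constructed for the example.

```python
import hashlib
import hmac
import struct

ACCESS_REQUEST, ACCESS_ACCEPT = 1, 2
USER_NAME, USER_PASSWORD = 1, 2


def _keystream(secret: bytes, prev: bytes) -> bytes:
    # RFC 2865 5.2: each 16-byte block is XORed with MD5(secret + previous block)
    return hashlib.md5(secret + prev).digest()


def hide_password(password: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """Client side: hide User-Password with the shared secret."""
    if not 1 <= len(password) <= 128:
        raise ValueError("User-Password must be 1..128 bytes")
    padded = password + b"\x00" * (-len(password) % 16)
    hidden, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        block = bytes(p ^ k for p, k in zip(padded[i:i + 16], _keystream(secret, prev)))
        hidden += block
        prev = block  # chaining uses the previous ciphertext block
    return hidden


def reveal_password(hidden: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """Server side: reverse hide_password; a wrong secret yields garbage."""
    clear, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        block = hidden[i:i + 16]
        clear += bytes(c ^ k for c, k in zip(block, _keystream(secret, prev)))
        prev = block
    return clear.rstrip(b"\x00")


def _attr(attr_type: int, value: bytes) -> bytes:
    return struct.pack("!BB", attr_type, len(value) + 2) + value


def build_access_request(ident, user, password, secret, request_auth):
    """Access-Request: code, id, length, 16-byte authenticator, attributes."""
    attrs = _attr(USER_NAME, user)
    attrs += _attr(USER_PASSWORD, hide_password(password, secret, request_auth))
    header = struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs))
    return header + request_auth + attrs


def parse_attributes(packet: bytes) -> dict:
    (length,) = struct.unpack("!H", packet[2:4])
    if length < 20 or length != len(packet):
        raise ValueError("length field does not match packet size")
    attrs, pos = {}, 20
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated attribute header")
        attr_type, attr_len = packet[pos], packet[pos + 1]
        if attr_len < 2 or pos + attr_len > length:
            raise ValueError("malformed attribute")
        attrs[attr_type] = packet[pos + 2:pos + attr_len]
        pos += attr_len
    return attrs


def server_read_password(request: bytes, secret: bytes) -> bytes:
    attrs = parse_attributes(request)
    return reveal_password(attrs[USER_PASSWORD], secret, request[4:20])


def build_response(code: int, request: bytes, secret: bytes, attrs: bytes = b"") -> bytes:
    """Reply authenticator = MD5(code+id+length + RequestAuth + attrs + secret)."""
    header = struct.pack("!BBH", code, request[1], 20 + len(attrs))
    auth = hashlib.md5(header + request[4:20] + attrs + secret).digest()
    return header + auth + attrs


def response_is_authentic(response: bytes, request: bytes, secret: bytes) -> bool:
    """Client side: accept a reply only if it was built with our shared secret."""
    if len(response) < 20 or response[1] != request[1]:
        return False
    expected = hashlib.md5(response[:4] + request[4:20] + response[20:] + secret).digest()
    return hmac.compare_digest(expected, response[4:20])


if __name__ == "__main__":
    secret = b"123abc!@#"                 # lab value from the text
    request_auth = bytes(range(16))       # constructed; a real client uses random bytes
    req = build_access_request(1, b"alice", b"constructed-password", secret, request_auth)
    print("same secret     :", server_read_password(req, secret))
    print("different secret:", server_read_password(req, b"123abc!@"))
    reply = build_response(ACCESS_ACCEPT, req, secret)
    print("reply verifies  :", response_is_authentic(reply, req, secret))
```

The shared secret is the only key behind both the password hiding and the reply authenticator, so outside a lab it should be a long random string, unique per RADIUS client.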


CHAPTER II
Installing ISA Server 2006
A brief introduction to the chapter



8. Introduction to the lab model


The VietCERT company leases the public IP address range 203.162.23.32/28, consisting of 16 IP
addresses. We use these IP addresses for the servers in the DMZ
network. ISA Server acts as the firewall (three-homed model) with 3 interfaces
facing the External, Internal and DMZ networks.

The network we designed for VietCERT consists of 3 systems: 2 LANs and one DMZ
network. The DMZ uses public IP addresses. The LANs use
private IP addresses.

ISA Server protects the LAN from attacks by hackers. If the
DMZ is attacked (because Internet clients access the DMZ directly), the LAN
is not affected, because this attack traffic is filtered when it passes through ISA Server.
Throughout the labs we configure the features of ISA Server
2006 according to the model above.
The web server, mail server, chat server and online study server that
you regularly access are placed in the DMZ (local hosting).

9. Installing the Service Pack for Windows


ISA Server 2006 can only be installed on Windows 2003 Service Pack 1 or later
(Windows 2003 also has the Windows 2003 Server R2 edition). To install Service
Pack 1, your Windows must be licensed with a matching CD key. The license
itself is only the legal paperwork; on Windows, Microsoft uses a technique that checks whether
the current Windows installation is a genuine copy. Without a valid CD you
cannot install Windows 2003 Service Pack 1, which also means you
cannot install ISA Server 2006.

You can download the trial version of Windows 2003 and use it for 180
days (activation is required). Each Windows 2003 trial CD key can be activated
once, allows 180 days of use, and can receive all Service Pack and hotfix
updates.
Download Windows 2003 Service Pack 1 at
http://www.microsoft.com/technet/downloads/winsrvr/servicepacks/sp1/default.mspx
Note: at the time this book was written, a Service Pack 2 RC for Windows Server 2003
already existed, but because it is a Release Candidate we have not put it into use.
Before updating the Service Pack on a system, the IT team must test every hotfix very carefully by
building a simulated system on Virtual Server 2005 R2 (a free Microsoft product that can
simulate server systems with clustering on Windows 2003). Only after the update succeeds on the
virtual server system do we carry out the real update.
VietCERT uses an automatic update system based on Microsoft's SMS (System
Management Server) to deploy all hotfixes, Service Packs and also
patches for non-Microsoft programs such as the customer-management
program, a project that also serves as a reference model for interested customers,
like the CRM and ERP systems deployed and put into use at
VietCERT.
You can download the evaluation version of SMS 2003 at
http://www.microsoft.com/smserver/evaluation/2003/r2.mspx
Updating the system is very important. ISA Server 2004 and 2006
do a fairly good job of securing the product itself, but they
are still frequently attacked. Most attacks on the firewall have one of the following two
causes:

The first cause: the configuration is too loose. The administrator does not foresee
all the situations when configuring, opens too many ports and too many applications, and
assumes that basic filtering is enough and that nobody is likely to attack
their system.
The second cause: no patch-update system has been deployed
(one of the reasons for not deploying such a system is the lack of a
license), so Windows Server (2000/2003) has flaws, and through these flaws hackers
can attack through ISA Server 2004/2006.
To simplify updating and to compete with other firewall products (lower
cost, better security, and wizards that make configuration easier
than ever), ISA Server has an appliance product line (ISA Server 2006
integrated on a hardware device, although this line is not yet widely
sold in Vietnam).
Some typical appliances
American Research Machines (ARM) S.I.A.S.A
http://www.microsoft.com/isaserver/hardware/arm.mspx
Celestix Networks
http://www.microsoft.com/isaserver/hardware/Celestix.mspx
Hewlett-Packard
http://www.microsoft.com/isaserver/hardware/hp.mspx
Network Engines
http://www.microsoft.com/isaserver/hardware/NetworkEngines.mspx
Otto Security and Software Technologie
http://www.microsoft.com/isaserver/hardware/Otto.mspx
Pyramid Computer
http://www.microsoft.com/isaserver/hardware/Pyramid.mspx
Whale Communications
http://www.microsoft.com/isaserver/hardware/WhaleCommunications.mspx
Wortmann AG
http://www.microsoft.com/isaserver/hardware/WortmannAG.mspx


The Celestix ISA Server Appliance integrates ISA Server 2006 with very compact hardware,
saving the cost of a Windows 2003 license and of the complex hardware of a
professional server.

The Celestix device line

The models proposed for the Celestix ISA Server Appliance work with many kinds of systems and
topologies. Having an appliance line is considered a strength of ISA Server, and it is easier to configure
than other firewall lines.

The Celestix firewall model, with ISA Server 2006 as its firmware, is recommended
for use as shown above. Besides the appliance, ISA Server is normally installed on a
server running the Windows 2003 SP1 operating system, which can be designed into the same
model as an appliance.

The configuration interface of the Celestix ISA Server 2006 Appliance. The interface was developed
on top of the ISA Server 2006 SDK. The appliance is configured entirely through a web site built into the
device on port 10002.

Configuration on the device

The HP Proliant device line integrates ISA Server 2006 Standard Edition with striped hard disks, a
DVD drive and USB, so that configuration can easily be imported into ISA Server from outside.

The HP device line
Once you understand how ISA Server works, you can
configure Microsoft ISA Server 2006 Appliance devices well.
Note: ISA Server 2004 also has an appliance line, but only for the Enterprise edition, and it is not
sold on the Vietnamese market either.

10. TCP/IP configuration required for ISA Server


ISA Server 2006 can run in many models. When running as a firewall,
ISA Server has 2 or more interfaces. Some models worth mentioning
for ISA Server 2006 are Bastion Host, Back-end Firewall, and Proxy Server
only (using ISA Server 2006 only as a proxy server, without using the
firewall features of the product).
Bastion Host

The Bastion Host network model with ISA Server as the firewall (either as an application or as an
appliance). In this model ISA Server protects the Internal network and provides VPN connections for
remote users.

In this model ISA Server alone protects the LAN and
provides Internet access to the users in the LAN. The LAN behind ISA Server
may contain a domain controller, DHCP server, DNS server, WINS server, web
server and mail server. These servers may be used only inside the LAN, or
be used directly by Internet users (only the web server and mail server;
occasionally the domain controller is also used to authenticate Internet users).
The LAN side of ISA Server then consists of 2 LAN systems (one is the Internal network for
the company's users, and one is the DMZ holding the servers that are accessed
directly by Internet users)


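IP and gateway configuration of the Bastion Host system, with the public IP from the ISP assigned to the
ADSL router. If the public IP is configured on the ADSL router, NAT on the router is not necessary, and
in that case no static gateway needs to be configured for ISA Server.

To configure IP for the Bastion Host system, we configure as follows

On ISA Server
The IP configuration covers 2 interfaces, Internal and External. These 2 connections are attached
to 2 different physical NICs. In the lab you could use one
NIC with 2 IP addresses, but this is error-prone. We do not recommend
this approach.

IP configuration for the Bastion Host on ISA Server, using Network Connections in Windows.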


The Internal interface connects ISA Server to the LAN, which includes the domain controllers, DNS
server, DHCP server and so on, and the client machines in the LAN. The Internal interface of
ISA Server is configured as follows

The Internal interface of ISA Server, which connects ISA to the LAN with network 192.168.1.0, is not
given a default gateway. On every host, including ISA Server, there can be several gateways but only
one default gateway (Default Gateway = Default Route)

Use only the DNS server inside the LAN for ISA Server, to resolve internal domain names
(when the web server or mail server is accessed by host header, ISA
Server uses the DNS server to resolve the name). Do not configure DNS on
ISA Server to point directly to the ISP, such as 210.245.31.130 or 203.162.4.190, because then
ISA Server cannot see the local web server or mail server.
The External interface connects ISA Server to the Internet. ISA Server uses an RJ45
interface to connect to the Internet, so it cannot connect directly to the service provider
(ISP) and must go through a router or modem (signal converter).

For External, the IP configuration is as follows


The External interface of ISA Server must have a default gateway; alternatively you can configure a
default route for ISA Server, which is equivalent to a default gateway

Clients and servers in the LAN
The IP configuration of the clients and servers in the LAN must use the same Network ID
as the ISA Server Internal interface, meaning they must be able to reach ISA Server
through the Internal interface. To reach a different Network ID, the clients and servers
in the LAN need a default gateway (an IP on an interface of the router
closest to the LAN). Here, the default gateway is the IP address of the Internal interface
on ISA Server 2006.


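In this model ISA Server is the gateway for all machines in the LAN. On the clients we configure
192.168.1.1 as the gateway for all clients. The clients' IP configuration can be assigned statically or
dynamically through the DHCP service.

The DMZ servers, which carry public addresses, are likewise configured to use ISA Server/Appliance as
their gateway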


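IP and gateway configuration of the machines in the DMZ network. We use public IP addresses for the
DMZ network, and ISA Server has the IP address 203.162.23.33, the first IP address in the network
203.162.23.32/28.

In summary, the IP configuration of the machines in the LAN and of ISA Server is as follows

| Device                | IP address  | Default gateway             | DNS1 / DNS2               | WINS        |
|-----------------------|-------------|-----------------------------|---------------------------|-------------|
| ISA Server Internal   | 192.168.1.1 | N/A                         | 192.168.1.2               | 192.168.1.2 |
| ISA Server External   | 10.0.0.1    | 10.0.0.2 (IP of the router) | N/A                       | N/A         |
| Clients & DMZ Servers | 192.168.1.x | 192.168.1.1                 | 192.168.1.2               | 192.168.1.2 |
| DNS Server of the LAN | 192.168.1.2 | 192.168.1.1                 | 192.168.1.2 / 192.168.1.3 | 192.168.1.2 |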


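Note the IP address of the DNS server and the IP address in the TCP configuration of ISA Server
(Internal interface)

The Back-End Firewall model
This second model is also commonly used. ISA Server carries a lighter load than in the other
models: it protects the LAN in case the front-end firewall is brought down,
the servers in the DMZ are attacked, and hackers could from there continue
to attack the LAN

ISA Server acts as the back-end server for another firewall. The area between the front-end and back-end
firewalls is the DMZ, which holds the servers published to Internet users

ISA Server can act as a front-end firewall, but from version 2004 onward
Microsoft recommends that ISA Server (in application form) is best used in the
back-end role. An appliance has better performance and is more secure (because its
operating system part is lighter).
In this model ISA Server also has 2 interfaces (External connects to the
LAN system containing the DMZ, and the gateway of ISA Server is the Internal interface of the
front-end firewall). On firewalls and routers in general, use the
routing table to configure these devices. On ISA Server, the routing table
is configured through the Routing and Remote Access service or the ROUTE ADD
command.

The clients in the LAN managed by ISA Server are configured as in the
Bastion Host model, with the gateway pointing to ISA Server (Internal interface).
The servers in the DMZ use a Network ID different from the LAN, and the same
Network ID as the External IP of ISA Server and the Internal IP of the front-end firewall.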



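The front-end firewall can be a PIX firewall, also with 2 interfaces, External
and Internal, configured with its gateway (or default route) pointing to the modem used for Internet
access.

The back-end model with ISA Server, shown more concretely with Network IDs assigned to the networks
involved. In this model ISA Server has a public IP address in the network 203.162.23.32/28

The IP configuration is very important. Do not mix things up here; if it is wrong, the whole
model breaks.
IP configuration on the front-end firewall, which may be an ISA Server appliance
or another device with firewall functionality

The External interface is configured with a public IP and a gateway pointing to the ISP. On
this server there may be no need to configure a routing table entry whose destination is the Network
ID of the LAN, because a user who wants to reach the LAN from the Internet has to
establish a VPN connection twice to get in to ISA Server.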


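The External interface of the front-end firewall has a public IP, and its gateway points to the IP address
of the ISP.

The Internal interface also has a public IP from the range assigned by the ISP. Note
that this IP range must not coincide with the range used for the External interface of the front-end
firewall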


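The Internal interface of the front-end firewall is configured with an IP address only; nothing else
needs to be configured, including gateway and DNS.

IP configuration on ISA Server. ISA has 2 interfaces, facing the DMZ and
the LAN.

The External interface has a public IP within the public range assigned by the ISP;
its Network ID is the same as the Network ID of the DMZ servers.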


The External interface of ISA Server has a public IP within the DMZ network range and uses the
front-end firewall as its router (default gateway)

The Internal interface has a private IP in the same network as the corporate LAN. Do not
configure a gateway on this interface.


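As with the Bastion Host, ISA Server has no gateway configured on its Internal interface;
only DNS is configured, to resolve names in the internal network.

IP configuration on the clients in the corporate LAN: the gateway points to the Internal IP address
of ISA Server. Network ID 192.168.1.0/24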


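The clients in the LAN only have their gateway set to 192.168.1.1; they do not need to know that there
is another firewall beyond ISA Server. The rule for a gateway is: the nearest router.

IP configuration on the DMZ servers: they carry public IPs assigned by the ISP, and their gateway points
to the Internal interface of the front-end firewall.

On the servers in the DMZ we configure static IPs with the gateway pointing to the IP of the front-end
firewall. As DNS server we use the machine 203.162.23.35 itself, and this server will be the domain
controller for the forest of the DMZ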

| Device                         | IP address    | Gateway                                                      | DNS                                    | WINS                    |
|--------------------------------|---------------|--------------------------------------------------------------|----------------------------------------|-------------------------|
| Front-End Firewall External IP | 10.0.0.1      | 10.0.0.2 (IP address of the load-balancing device or modem) | N/A                                    | N/A                     |
| Front-End Firewall Internal IP | 203.162.23.33 | N/A                                                          | 203.162.23.34 (DNS server in the DMZ) | 203.162.23.34           |
| ISA Server External IP         | 203.162.23.35 | 203.162.23.33                                                | N/A                                    | N/A                     |
| ISA Server Internal IP         | 192.168.1.1   | N/A                                                          | 192.168.1.2                            | 192.168.1.2             |
| LAN Clients                    | 192.168.1.x   | 192.168.1.1                                                  | 192.168.1.2, 192.18.1.3                | 192.168.1.2, 192.18.1.3 |
| DMZ Servers                    | 203.162.23.x  | 203.162.23.33                                                | 203.162.23.34                          | 203.162.23.34           |

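The Three-Homed model
Here ISA Server carries the heaviest responsibility: it protects the LAN and at the same time protects
the DMZ, which holds the servers accessed directly by Internet users.

The three-homed model with ISA Server as the firewall is the model we configure
throughout this lab manual. The DMZ and the LAN both connect to ISA Server, each through
its own interface with a different Network ID. ISA Server acts as router and
firewall for these networks.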


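ISA Server has 3 interfaces connected to 3 different networks: External, Internal,
and DMZ, which connects to the DMZ network. This model resembles the Bastion Host, with
one additional DMZ interface that separates the DMZ from the LAN.
The DMZ is kept separate from the LAN so that the LAN is not attacked from outside; the DMZ
is accessed from the Internet all the time, so its risk of attack is very high. Microsoft
regards the DMZ network as a semi-trusted network.
The IP configuration is similar to the Bastion Host

The three-homed model illustrated more clearly with Network IDs added. For the DMZ we
still use public IPs, with the unchanged IP range 203.162.23.32/28

The ISA Server External interface is configured with a real, static IP address from the range
assigned by the ISP.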


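The External interface of ISA Server has a static public IP address, with its gateway on the ISP side.
Note the subnet mask in the IP address above: the Network ID contains only 2 IP addresses, 203.162.24.33
and 203.162.24.35, for the connection to the ISP.

The ISA Server Internal interface has a private IP address facing the LAN,
which has Network ID 192.168.1.0/24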


The Internal interface of ISA Server has no gateway configured; only the gateway on the External
interface of ISA Server is used

The DNS server in the LAN is configured with a forwarder to the DNS server in the DMZ,
so that ISA Server can resolve the DMZ's domain names when
publishing rules are used.
In this model ISA Server has an additional interface connected to the DMZ
network. We configure the DMZ network with static public IPs, so this interface
must also have a public IP with the same Network ID as the DMZ network.

On the DMZ interface we likewise configure no gateway; it is treated like an Internal interface of ISA
Server, but with a public IP address.

Clients in the LAN have IP addresses within Network ID 192.168.1.0/24 and
have their default gateway pointing to the ISA Server interface. Their DNS server points
to the DNS server in the LAN. This DNS server forwards
requests to the servers in the DMZ or to public DNS servers.


All clients in the LAN have their gateway pointing to ISA Server (it must be the Internal interface of
ISA Server)

Servers in the DMZ have static IP addresses and use ISA Server as their
gateway.


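Servers in the DMZ network of ISA Server also have static IP addresses and use ISA Server as their
gateway

Summary of the IP addresses configured on ISA Server, the LAN clients and the DMZ servers.

| Device                 | IP address  | Gateway     | DNS                      | WINS                     |
|------------------------|-------------|-------------|--------------------------|--------------------------|
| ISA Server External IP | 10.0.0.1    | 10.0.0.2    | N/A                      | N/A                      |
| ISA Server Internal IP | 192.168.1.1 | N/A         | 192.168.1.2              | 192.168.1.2              |
| ISA Server DMZ IP      | 172.16.1.1  | N/A         | N/A                      | N/A                      |
| Clients                | 192.168.1.x | 192.168.1.1 | 192.168.1.2, 192.168.1.3 | 192.168.1.2, 192.168.1.3 |
| DMZ Servers            | 172.16.1.x  | 172.16.1.1  | 172.16.1.2               | 172.16.1.2               |
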

11. Installing ISA Server 2006


After installing Windows 2003 Service Pack 1 and updating Windows with the
latest hotfixes, we install ISA Server 2006 in the Three-Homed
model.
Note: ISA Server 2006 no longer uses Firewall Clients for clients; instead it can use an LDAP
server to perform Single Sign-On for clients.
Run the file Setup.exe to start the installation


During installation, ISA Server asks you to define the Internal network, which is the LAN
managed by ISA Server. The Internal network is a range of IP addresses (from the
Network ID to the broadcast IP) that ISA Server knows under the default name Internal.
After ISA Server is installed, the administrator can create additional networks of type
Internal. These networks have the same role as the default Internal
network.
Note: The Internal network, or any network created on ISA Server, is an IP range that
must include the IP address of the ISA Server interface connected to that network.
Click Next to continue
Wait for ISA Server to finish installing. We recommend that you restart
the server after the ISA Server 2006 installation completes. The restart
refreshes the registry and restarts the ISA Server services that were just
installed.

12. Tasks to perform after installation


After installing ISA Server we perform the following steps to check that
the ISA Server installation is complete.
Checking the ISA Server services

Use the Services.msc snap-in
Check the following services
ISA Server Control
Microsoft Firewall Service
ISA Server Job Scheduler
ISA Server Storage


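Checking the ISA Server services after installation is a necessary step. The most important one is the
Microsoft Firewall service, which controls the firewall engine of ISA Server.

If the services have not been started, start them. By default
these services are already started after installation.

Checking services with the ISA Server Management Console
Open the ISA Server Management Console and choose Monitoring
Select the Services tab
Confirm that the services are in the Running state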


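Checking the ISA Server services from the ISA Server Management Console itself. With the
ISA Server Management Console you can start and stop services

If a service is in the Stopped state, use the ISA Server Management Console to start it

Start a service by right-clicking it and choosing Start

At this point ISA Server 2006 can be considered fully installed, but
we recommend that you recheck the IP configuration that was set up before
the installation. A wrong IP configuration is the most common mistake for people new to IP
configuration. (For a good understanding of IP and gateways, see the lab manual for course 70-291 by
VietCERT)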


CHAPTER III
Configuring Outbound Internet Access
Allowing clients in the LAN to access the Internet through ISA Server 2006, and introducing the
client types of ISA Server 2006



13. The model for the lab
14. The client types of ISA Server 2006
ISA Server can work with the following client types:

SecureNAT: any TCP/IP host that has an IP address and is configured with ISA Server
as its gateway. The gateway can be configured by hand
(manually) or through a server running the DHCP Server service.
A SecureNAT client can be a device, a Windows 2000 or XP host,
or a computer running Linux. Clients using SecureNAT cannot
take advantage of all the features of ISA Server.
SecureNAT only requires the gateway to be set to ISA Server; we
can configure static IP addresses for the clients.

Configuring TCP/IP to use ISA Server as the gateway makes the machine a SecureNAT client of ISA
Server.

Alternatively, use DHCP option 003 to configure the gateway for the clients; the clients
receive this IP configuration and use ISA Server as their gateway.


DHCP server option 003 Router can be used to configure the gateway for the client machines in the
LAN.

SecureNAT client configuration is mandatory, whether or not we install the Firewall
Client.

Web Proxy clients: ISA Server works very well as a proxy. The proxy
server provides web caching to clients. Web caching on ISA
Server works very well. ISA Server caches web content in RAM, so speed
improves considerably. Any web browser that supports proxy features can
use ISA Server as its proxy server. Browsers such as IE, Firefox and Avant Browser
can use ISA Server 2006 as their proxy server. Proxy clients can access HTTP and FTP
normally even without a default gateway. When Web Proxy clients are used,
the proxy feature of ISA Server supports only HTTP
and FTP.
Web Proxy settings can be configured through a domain policy or by
hand

Configuring proxy settings through policy
Find a suitable GPO in the domain and click Edit; for example, we configure the policy
on the OU Marketing


Choose a suitable OU for the policy to apply to. Using domain/OU policy effectively makes managing
Active Directory very easy.

Set the proxy settings for the clients
Go to User Configuration > Windows Settings > Internet Explorer Maintenance >
Connection
Then choose Proxy Settings and double-click it

Change the Proxy Settings option in a GPO applied to the OU Marketing to configure the proxy
for all employees in this OU.

Fill in the parameters in this policy.

The proxy settings configuration dialog in the policy.

Click OK
The IE settings on the clients have now changed, but users can
change them back themselves, so we use one more policy to prevent users from changing
the policy settings.
Go to User Configuration > Administrative Templates > System Components >
Internet Explorer
Then choose the setting Prohibit Changing Proxy Settings


Disable manual proxy changes in Internet Explorer, so that users cannot change the proxy
themselves.

Double-click it and choose Enable

Enable the option Disable changing proxy settings and click OK


Click OK
Once this policy has been applied, the proxy settings can no longer be reconfigured
on the clients

After checking the clients in the LAN we see the desired result: the proxy settings are
disabled, but their content is still 192.168.1.1 with port 8080 of ISA Server.

To change the proxy setting, the administrator reconfigures it through the policy, without
having to configure each client.
Note: After a policy change, for it to take effect on a client immediately, run the command GPUPDATE
/FORCE; otherwise the policy takes effect the next time the client logs in. Our admin team could in fact
log users off remotely, but this is unnecessary and we do not have the authority to do so.

Configuring proxy settings on each client
We use this method to configure clients that are not joined to the domain.
We configure it in Internet Explorer.
Click the menu Tools > Internet Option


Configuring the proxy from Internet Explorer through Internet Option

Then select the Connection tab


Select the Connection tab, then choose LAN Settings to configure the proxy for each client machine.

Click LAN Settings
Select Use the following Proxy Settings

Enter the IP address of ISA Server and the port used for the proxy, 8080

Enter the IP of ISA Server, 192.168.1.1; the port we use is 8080.

Firewall clients: This client type requires a program to be installed on the client machine.
The ISA Server client can only be installed on the Windows operating system, so this client
type is specific to Windows. The ISA Server client creates a connection to ISA
Server through a dedicated encrypted tunnel called WinSOCKS. All traffic is
sent to ISA Server, and ISA Server acts as a proxy for all
types of traffic. Clients with the Firewall Client program installed can use
Single Sign-On with their user accounts in Active Directory.
Configuring Firewall clients requires installing an additional program on the clients. This
program is obtained from a shared folder on ISA Server. ISA Server automatically creates a rule
that allows clients in the Internal network to access ISA Server to fetch this
share.
Connect to ISA Server at 192.168.1.1 to fetch the files in the shared folder
MSPLNT and run the file Setup.exe


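Connect to ISA Server at 192.168.1.1 to fetch the Firewall Client and run the installation on the client.

Run the file Setup.exe
Complete the installation program

Configuring the ISA Server client
Type the IP address of ISA Server and choose Check Now
Select the Web Browser tab and click Configure Now so that the ISA client automatically configures
the IE proxy settings.

15. Basics of configuration on ISA Server 2006


To configure ISA Server 2006 well, you need to understand the following 3 main
topics

Network Definition: understood by ISA Server as a range of IP addresses connected to
ISA Server. This IP address range is given a Network Name. ISA Server
manages the network through its Network Name. Network
Definitions are managed in ISA 2006 under Configuration > Network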


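The Network Definition configuration interface in ISA Server 2006

Network Rule: defines the relationships between the networks in ISA Server. These
networks are connected to each other by ISA Server. Traffic between two networks passing through ISA
Server uses one of two methods: ROUTE or NAT.
Routing does not change the source IP when traffic passes through ISA Server; the packet keeps its
source and destination IP and is forwarded to the destination.
NAT changes the source IP address in the packet and forwards it to the destination.
The destination only sees the packet as coming from the External interface of ISA Server and
does not learn the real IP address of the sender.

Access Rule: defines which types of traffic may pass through ISA Server. Access Rules
are the most important component of the ISA Server 2006 firewall. You need a
solid grasp of Access Rules to configure ISA Server well.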


The main configuration area of ISA Server is the Firewall Policy, where all conditions for
ISA Server are configured.

All labs on ISA Server 2006, whether advanced or basic, are carried
out through Access Rules. The scenarios for ISA Server 2006 are in fact
combinations of the Access Rule components.
Creating a new network on ISA Server
When a new network (a new Network ID) is connected directly to ISA Server,
we must create a new Network Definition on ISA Server. A Network
Definition consists of the IP address range of the network and a name for the Network
Definition.
In the model above, VietCERT has a second LAN connected to ISA
Server and the DMZ connected to ISA Server, so we create 2
networks on ISA Server.

| Network Name | Network Type | Start IP      | End IP        |
|--------------|--------------|---------------|---------------|
| LAN01        | Internal     | 192.168.1.0   | 192.168.1.255 |
| DMZNetwork   | Perimeter    | 203.162.23.32 | 203.162.23.47 |

Creating the network LAN01
Open the ISA Server Management Console
Select the Configuration tab
Then choose Network

CuhnhNetworkDefinitionbngISAServerManagementConsoletrnWindows2003

ChnTabNetworks

NetworkDefinitiontrongISAServerManagementConsoletrnWindows2003

TrncasTaskPanechnCreateaNewNetwork

PublishingBy:VietCERT.com,VietnamLAB.com,ICTExpress.com

113

Telecom Network Solutions


SdngNetworkTaskstoNetworkmitrongISAServerManagementConsole.

NetworkNamegLAN01

NetworkNamechngtitochoISAServerlLAN01qunlmngLAN01cahthng
VietCERT

ClickNext
NetworkTypechnInternal.InternalNetworkchoISAServerbitylmt
mngLAN(trustedNetwork)lmngcISAServerbovhantan.

Tiliu:PublishingbiVietCERTVietnamLABmikinnggpxingiv:114
Email:info@VietCERT.comPhone:0916721672Mr:TrnQucTon

ISA Server 2006

LaiNetworksdngchoLAN01lInternal.InternalNetworksdngtrongLANvcISA
Serverbov(TrustedNetwork)

ClickNext
ClickAddRangethmkhangachIPangsdngtrongmngLAN01

PublishingBy:VietCERT.com,VietnamLAB.com,ICTExpress.com

115

Telecom Network Solutions

AddRangethmkhangIPcncuhnhchoISAServer.RangeIPcAddtrongkhangny
dngchomngLAN01

GkhangIPxcnhtrongbngtrn

KhangIPsdngtrongLAN01l192.168.1.0/24.ChtrongkhangIPnyphichacach
IPcaISAServerInterfacektnivimngny.

ClickOK
KimtralinhngIPADDcnmtrongcasWizardhaycha

Tiliu:PublishingbiVietCERTVietnamLABmikinnggpxingiv:116
Email:info@VietCERT.comPhone:0916721672Mr:TrnQucTon

ISA Server 2006

KimtralikhangIPthmvoISAServerchomngLAN01

ClickNext
ReviewliqutrnhtoNetwork.Trongbcnycgicthxcnhl
mnhtonghaysaiccthngtincththayikpthi.

KimtraliNetworkLAN01vikhangIP192.168.1.0/24

ClickFinishktthcqutrnhtoNetwork.

Creating the DMZ network
Open the ISA Server Management Console.
Select Configuration, then the Networks sub-item.

[Figure: Configuring Network Definitions in ISA Server 2006 on Windows 2003.]

Then select the Networks tab in the middle pane.

[Figure: The Network Definitions on ISA Server 2003.]

In the Task Pane, select Create a New Network.

[Figure: Creating a Network Definition from Network Tasks.]

For Network Name, type DMZNetwork.

[Figure: The Network Name we use for the DMZ is DMZNetwork.]

Set Network Type to Perimeter. A Perimeter network is also a LAN attached to ISA Server, but it holds servers that are reached from the Internet, so it can be regarded as not secure. ISA Server and other firewalls separate the DMZ (Perimeter) from the LAN and treat it as a semi-trusted network. If the DMZ network is attacked, the attacker can only escalate to the servers inside the DMZ. ISA Server fully protects the Internal network when the DMZ is attacked.

[Figure: DMZNetwork corresponds to a Perimeter network.]

Click Add Range to add the IP range for DMZNetwork.

[Figure: Add Range adds the IP address range for DMZNetwork.]

Enter the Address Range according to the IP configuration agreed earlier.

[Figure: The IP range we use for DMZNetwork consists of fixed public IPs.]

Click OK and check the IP range against the earlier table. This check is not redundant: make sure the IP address of ISA Server is also inside this range.

[Figure: The IP range we assign to DMZNetwork consists of 16 static IP addresses.]

Click Next.
Review the network configuration.

[Figure: Click Finish after checking what has been configured.]

Click Finish.

Configuring Network Rules
A Network Rule tells ISA Server how two Networks relate to each other. If two Networks use the same type of IP addressing, they use ROUTE on ISA Server when they interact. Two Networks with different types of IP addressing (private/public) use NAT when they interact through ISA Server.
Consider the relationships between the Networks on ISA Server in the following model.

[Figure: Network Rules express the relationships between networks. When designing a system, look at the whole picture to decide where ROUTE and where NAT is needed.]

The LANs carry private IP addresses and interact with the DMZ and with the Internet (which ISA Server knows as External) through NAT. NAT uses the public IP of the External interface on ISA Server to communicate with the Internet.
All LANs of ISA Server - Internet: NAT
All LANs of ISA Server - DMZ: NAT
The two LANs of ISA Server, Internal and LAN01, are connected to each other through ISA Server. Both use the same type of addressing, private IP, so they communicate by ROUTE.
LAN01 - Internal: ROUTE
Finally, DMZNetwork and the Internet. The addresses used in the DMZ here are also public IPs, so these two networks communicate by ROUTE.
DMZ - Internet: ROUTE
Note: DMZNetwork can carry private or public IP addresses, depending on how the system is configured. If the DMZ carries public IPs, its relationship with the other networks follows the same reasoning: same type, use ROUTE; different type, use NAT. A DMZ with private IPs connects to the Internet by NAT, because a private IP cannot go directly out to the public-IP Internet by ROUTE.
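The relationship rule above, as an added example that is not part of the original document: it derives ROUTE or NAT for every pair of networks from their address type and checks the Network Definitions for overlaps and for an ISA interface outside its range. The LAN01 and DMZNetwork ranges come from the table earlier in this section; the Internal range and all ISA interface addresses are assumed values.

```python
import ipaddress
from itertools import combinations

ip = ipaddress.ip_address

# LAN01 and DMZNetwork ranges come from the page's table; the Internal range
# and all ISA interface addresses below are assumed values for illustration.
NETWORKS = {
    "Internal":   ("10.0.0.0", "10.0.0.255"),
    "LAN01":      ("192.168.1.0", "192.168.1.255"),
    "DMZNetwork": ("203.162.23.32", "203.162.23.47"),
}
ISA_INTERFACES = {
    "Internal": "10.0.0.1",
    "LAN01": "192.168.1.1",
    "DMZNetwork": "203.162.23.33",
    "External": "198.51.100.10",   # documentation address standing in for the public IP
}


def address_class(name):
    """Return 'private' or 'public' for a defined network; External is public."""
    if name == "External":
        return "public"
    start, end = (ip(a) for a in NETWORKS[name])
    if start.is_private != end.is_private:
        raise ValueError(f"{name}: range mixes private and public addresses")
    return "private" if start.is_private else "public"


def check_definitions():
    """List definition mistakes: inverted or overlapping ranges, and an ISA
    interface address that is not inside the network it connects to."""
    problems = []
    spans = {n: (int(ip(s)), int(ip(e))) for n, (s, e) in NETWORKS.items()}
    for name, (lo, hi) in spans.items():
        if lo > hi:
            problems.append(f"{name}: start address is above end address")
        if not lo <= int(ip(ISA_INTERFACES[name])) <= hi:
            problems.append(f"{name}: ISA interface is outside the range")
    for (a, (alo, ahi)), (b, (blo, bhi)) in combinations(spans.items(), 2):
        if alo <= bhi and blo <= ahi:
            problems.append(f"{a} and {b}: ranges overlap")
    return problems


def relationship(src, dst):
    """The page's rule: same address type -> ROUTE, private/public -> NAT."""
    return "ROUTE" if address_class(src) == address_class(dst) else "NAT"


def source_seen_by_destination(src_ip, src_net, dst_net):
    """Source address the destination sees for a packet sent from src_net
    to dst_net through ISA Server."""
    if relationship(src_net, dst_net) == "ROUTE":
        return src_ip                      # routed: header left unchanged
    return ISA_INTERFACES[dst_net]         # NAT: ISA interface facing dst_net


def rule_table():
    """Relationship for every pair of networks, keyed like the rule names."""
    names = list(NETWORKS) + ["External"]
    return {f"{a}<>{b}": relationship(a, b) for a, b in combinations(names, 2)}


if __name__ == "__main__":
    for problem in check_definitions() or ["network definitions are consistent"]:
        print(problem)
    for rule, rel in rule_table().items():
        print(f"{rule:24} {rel}")
```
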
Creating the Network Rule between Internal and External
By default ISA Server has a rule called Internet Access between the Internal network and External (the Internet) that uses NAT, so we do not need to create a Network Rule for Internal and External here.
Go to the Configuration tab, then select Networks.

[Figure: Configuring Network Rules under Networks in the ISA Server Management Console on Windows 2003.]

Select Network Rules in the Detail Pane.

[Figure: The Network Rules tab under Networks shows the relationships between networks, ROUTE or NAT.]

Double-click the Internet Access rule, or select its Properties.

[Figure: Properties of the existing Network Rule on ISA Server. Internet Access from Internal to External uses NAT.]

Check the Source Networks section.

[Figure: The Source Networks include Internal and VPN Clients. VPN Clients are also placed in a private IP range. The relationship between private IP and public IP is NAT.]

Check the Destination Networks section.

[Figure: The Destination Network is External, which represents the Internet.]

Next check the Network Rule tab; it is already set to NAT. Between a private IP network and public IPs, NAT must be used.

[Figure: The Network Relationship tab shows the relationship between the networks. NAT replaces the source IP address of the packet.]

Click OK to close the Properties window. So we do not need to configure Internet Access for NAT from Internal and LAN to the Internet. To configure Internet access we only need to configure Access Rules.
Creating the Network Rule between LAN01 and External

LAN01 uses private IPs and connects to External by NAT on ISA Server.
The Network Rule we will create is:

| Rule Name | Source Network | Destination Network | Relationship |
|---|---|---|---|
| LAN01<>External | LAN01 | External | NAT |

Open the ISA Server Management Console.
Select Configuration, then select Networks.

[Figure: Configuring Network Rules under Networks in the ISA Server Management Console.]

Then select the Network Rule tab to configure the relationship between the LAN01 network and the Internet.

[Figure: The Network Rules tab defines the relationships between networks.]

In the Task Pane of ISA Server, select Create a New Network Rule.

[Figure: Using Network Tasks to create a new Network Rule.]

For Rule Name, type LAN01<>External.

[Figure: The relationship between LAN01 and External will be NAT. We name the Network Rule so that it is easy to recognize.]

Click Next.

Under Source Network, click Add and select LAN01.

[Figure: Click Add to add a Source Network.]

Browse the Network Definitions and double-click LAN01.

[Figure: The Source Network is LAN01. ISA Server compares the source IP address of the packet with the IP address range of the LAN01 network.]

Click Close.
Check the network just added to Source Networks.

[Figure: Checking the LAN01 network after clicking Add in Network Components.]

Click Next.
Click Add to add External to the Destination Network.

[Figure: For the destination we select External, which represents the Internet.]

Double-click External and click Close.
Click Next.
In the Relationship step we select NAT so that these two networks connect to each other by NAT.

[Figure: The relationship between LAN01 and External is NAT. The source IP address of the packet is replaced by the public IP address of ISA Server.]

Click Next.
Review the rule creation in the final window. Check this part carefully so that any mistake made during creation can be identified.

[Figure: Check the configuration and click Finish.]

Click Finish.
Creating the Network Rule between LAN01 and Internal
The two LANs connected through ISA Server use the same type of addressing, private IP, so they connect to each other by ROUTE.
The Network Rule we will create is:

| Rule Name | Source Network | Destination Network | Relationship |
|---|---|---|---|
| LAN01<>Internal | LAN01 | Internal | ROUTE |

Open the ISA Server Management Console.
Select Configuration, then select Networks.

[Figure: Network Rules are configured under Networks in the ISA Server Management Console.]

Then select the Network Rule tab.

[Figure: Network Rules are configured on the Network Rules tab.]

In the Task Pane of ISA Server, select Create a New Network Rule.

[Figure: Creating a new Network Rule from the Tasks tab of the Task Pane.]

For Rule Name, type LAN01<>Internal.

[Figure: The Rule Name shows the relationship between the networks. It is a display value only and has no meaning to ISA Server.]

Click Next.
Under Source Network, click Add and select LAN01.

[Figure: Click Add to add a Source Network to the rule.]

Double-click LAN01, then click Close.

[Figure: The Source Network is LAN01, which contains the private IP range in VietCERT's LAN.]

Check the LAN01 network in the Source Networks section.

[Figure: Checking the source network after adding it from Network Components.]

Click Next.
Click Add to add Internal to the Destination Network.

[Figure: The destination of this rule is Internal, VietCERT's default LAN.]

Click Next.
In the Relationship step we select the option that connects these two networks to each other by ROUTE.

[Figure: The relationship between these two networks is ROUTE, which does not change the source IP address of the packet. A configured Network Rule applies in both directions.]

Click Next.
Review the rule creation in the final window. Check this part carefully so that any mistake made during creation can be identified.

[Figure: Check the configuration and click Finish.]

Click Finish.

Creating the Network Rule between the LANs and DMZNetwork
VietCERT's DMZNetwork currently uses public IPs, so its connection with the LANs, which use private IPs, must use NAT.
Note: many readers ask us whether, with public and private IPs on the same ISA Server inside the LAN, and with the public IPs not yet going out to the Internet but only being reached inside the DMZ, we could connect them by ROUTE. Our answer is no, because by default firewalls in general, and ISA Server in particular, do not allow ROUTE between private IP and public IP.
The Network Rule between the LANs and the DMZ is created as follows:

| Rule Name | Source Network | Destination Network | Relationship |
|---|---|---|---|
| AllLANS<>DMZ | Internal, LAN01 | DMZNetwork | NAT |

Open the ISA Server Management Console.
Select Configuration, then select Networks.

[Figure: Network Rules are configured under Networks in the ISA Server Management Console.]

Then select the Network Rule tab.

[Figure: The Network Rules tab configures the relationships between networks.]

In the Task Pane of ISA Server, select Create a New Network Rule.

[Figure: Using the Network Rule task to add a rule between the LAN networks and DMZNetwork with public IPs.]

For Rule Name, type AllLANS<>DMZ.

[Figure: The Network Rule name for the LANs and DMZNetwork.]

Click Next.
Under Source Network, click Add and select LAN01 and Internal.

[Figure: Click Add to add to the Source Network section.]

Double-click LAN01, then double-click Internal.

[Figure: LAN01 and Internal are selected as the Source Networks of the rule.]

Click Close.
Check the Source Networks again; this part is bidirectional.

[Figure: Checking the source networks after adding them.]

Click Next.
Click Add to add the DMZ to the Destination Network.

[Figure: The Destination Network is DMZNetwork, which represents the Perimeter network with public IPs.]

Double-click DMZ and click Close.
Check DMZNetwork in the Destination Networks section of the wizard.

[Figure: Checking the DMZNetwork network added in the wizard.]

Click Next.
In the Relationship step we select NAT so that these two networks connect to each other by NAT.

[Figure: The relationship between a private-IP network and a public-IP network is NAT. NAT replaces the source IP address in the packet sent out by ISA Server.]

Click Next.
Review the rule creation in the final window. Check this part carefully so that any mistake made during creation can be identified.

[Figure: Check the rule summary and click Finish.]

Click Finish.

Creating the Network Rule between DMZNetwork with public IPs and External
DMZNetwork can carry private or public IPs. Depending on the type of IP used in DMZNetwork, we use NAT or ROUTE accordingly.
If the DMZ carries private IPs, it goes out to the Internet by NAT; a DMZ with public IPs goes out to the Internet by ROUTE.

| Source Network | Destination Network | Relationship |
|---|---|---|
| DMZ, private IP | Internet, public IP | NAT |
| DMZ, public IP | Internet, public IP | ROUTE |

In our network model the DMZ uses public IPs, so we configure the following Network Rule for DMZNetwork and the Internet:

| Rule Name | Source Network | Destination Network | Relationship |
|---|---|---|---|
| DMZNetwork<>Internet | DMZNetwork | External | ROUTE |

Open the ISA Server Management Console.
Select Configuration, then select Networks.

[Figure: Networks under Configuration is used to configure Network Rules.]

Then select the Network Rule tab in the Detail Pane.

[Figure: Configuring the Network Rule that defines the relationship between the DMZ and External.]

In the Task Pane of ISA Server, select Create a New Network Rule.

[Figure: Creating a Network Rule from the Task Pane.]

For Rule Name, type DMZNetwork<>External.

[Figure: The Rule Name we enter in the wizard is DMZNetwork<>External; it shows the relationship in the rule.]

Click Next.
Under Source Network, click Add and select DMZNetwork.

[Figure: Click Add to add a Source Network to the rule.]

Double-click DMZNetwork.

[Figure: The Source Network is DMZNetwork.]

Click Close.
Check DMZNetwork in the Source Networks section.

[Figure: Checking the DMZ network after adding it in the wizard.]

Click Next.
Click Add to add External to the Destination Network.

[Figure: The Destination Network of the rule is External, which represents the Internet.]

Double-click External and click Close.

[Figure: Checking that External is the Destination Network.]

Click Next.
In the Relationship step we select the option that connects these two networks to each other by ROUTE. On the router that connects to the Internet, an additional routing entry must be configured.

[Figure: The relationship between these two networks is ROUTE because both carry public IP addresses.]

Click Next.
Review the rule creation in the final window. Check this part carefully so that any mistake made during creation can be identified.

[Figure: Check the rule and click Finish.]

Click Finish.

After configuring all the Network Rules for the relationships that cross ISA Server 2006, we do one last overall check on ISA Server 2006.
Click ISA Server and select Configuration, Networks.
Select the Network Rules tab and look over the rules that were created.

[Figure: After configuring ISA Server, we click Apply to put the configuration into effect.]

Click Apply to accept the changes. ISA Server updates the Network Rule information after about 5 seconds.
The next part is Access Rule configuration. Because Access Rules are more complex, we continue with them in the next lab.

16. Creating Access Rules for clients to access the Internet


Access Rules are one part of the Firewall Policy. The Firewall Policy consists of Access Rules and the System Policy. Access Rules define how traffic is handled when it passes through ISA Server. The System Policy defines security properties that apply only to ISA Server itself.
ISA Server provides two functions for a system: Security (the firewall function) and Accelerator (speeding up Internet access through the proxy server function). All traffic passing through ISA Server is checked by ISA Server in the following sequence.

[Figure: ISA Server uses Access Rules to check all kinds of traffic passing through it. Access Rules are the main part that must be configured carefully on ISA Server. Network Components are combined to form the conditions of an Access Rule.]

ISA Server strictly blocks traffic coming from outside into ISA Server. For traffic from the LAN out to the Internet, ISA Server checks in turn whether the User, Computer, Protocol, Source and Destination of the traffic are valid, and arrives at an Action (the final decision), which is Allow or Deny. Every parameter in the packet a client sends out is checked carefully by ISA Server. The Access Rule is the framework of conditions that determines the final outcome for the packet.
An Access Rule on ISA Server has the structure below. This structure applies to ISA Server 2004 and 2006, both on appliance devices and as an application on Server 2003.

[Figure: An Access Rule consists of conditions. When the conditions are met, the Access Rule tells ISA Server what to decide for that traffic flow: ALLOW or DENY.]

Apart from Allow/Deny, which is the Action, the remaining parts of an Access Rule are regarded as the components of the rule:

Protocol/IP Port/Type: the kind of packet the client sends to ISA Server. ISA Server reads this information from the IP/TCP header of the packet.
Source Network/IP, Destination Network/IP: ISA Server reads this from the packet the client sends to it and uses it to decide whether the conditions are met. This is the main part we care about. For Source/Destination we can use a Network Definition instead of individual IP addresses. Source/Destination is also an Access Rule component.
Schedule: this parameter is not configured while creating the Access Rule; it can only be set after the rule exists, through the rule's Properties window. The Schedule is also an Access Rule component.
Content Type: applies only to HTTP packets. Files transferred over HTTP are checked by their file extension or by the file's path in the HTTP request. HTTP is an application protocol that uses TCP port 80. Like the Schedule, the Content Type cannot be configured while creating the Access Rule; it is set through the rule's Properties window.
User: determines which users may use the rule. A user can be a local user on the ISA Server machine itself or a user on a RADIUS server; ISA Server 2006 can also use an LDAP server to authenticate users.

Configuring an Access Rule is really a matter of combining the Access Rule components, Source/Destination, User, Protocol, Schedule and Content Type, to reach the final conclusion, Allow or Deny. To configure an Access Rule, we create the components first.

[Figure: Summary of the components of an Access Rule. Allow or Deny is applied when the conditions in the rule are met exactly.]

Creating Network Objects
The Network Object is the most frequently used part of an Access Rule and cannot be left out. A Network Object can be a Network (a LAN), a Computer (a machine identified by its IP address), an Address Range (a range of IP addresses) or a set of Networks (called a Network Set). We create the Network Objects for ISA Server one by one.

Creating a Computer
We use the Computer network object to identify a particular machine by its IP address. When ISA Server receives a packet, it identifies the Computer from the packet's source IP.
In the Task Pane, select the ToolBox tab.

[Figure: Configuring Network Objects in the ToolBox of Firewall Policy.]

Select Network Objects. The items here play the main role in Access Rules.

[Figure: A Computer represents one IP address inside (or outside) ISA Server's networks. ISA Server does not care about the computer name; it only knows the source IP of the packet sent through it.]

Click the New menu and select Computer.

[Figure: Click New Computer to create a new computer, which is in effect an IP address.]

In the Computer window, Name is only the display name of the object on ISA Server. We manage this computer on ISA Server through that name. For Name, type Director Computer.
For IP, we enter the IP address of the computer of the director of VietCERT, 192.168.1.5.

[Figure: Creating a new Computer on ISA Server.]

Click OK.
Check the Task Pane: a new Computer has been created.

[Figure: Checking the Computer after creating it on ISA Server. Computers are listed under Computers in Network Components.]

This Computer is not yet used by any policy. We configure that later.

Creating a Protocol Definition
ISA Server ships with many protocols, but they do not cover everything an administrator needs. We can create additional Protocol Definitions on ISA Server to manage protocols that are not in ISA's built-in list. Protocols that many people ask about are Yahoo Messenger and Skype.
Yahoo Messenger uses TCP ports 5050, 5100 and 5000 for its three services, Chat, Voice and Webcam. We create a new protocol on ISA Server. Note that this only creates the component; it is not yet part of any Access Rule.
In the Task Pane, select the ToolBox tab.

[Figure: Commonly used protocols are under Common Protocols in Network Components.]

Click the New menu and select Protocol.

[Figure: Creating a new protocol for Network Components by clicking New Protocol.]

For Name, type the display name Yahoo Messenger.

[Figure: The protocol name we create on ISA Server is Yahoo Messenger. The protocol name is a display value only.]

Click Next.
Under Primary Connection, click New.

[Figure: Click New to add a connection to this protocol.]

In the new protocol window, select TCP as the protocol type.
Set the Port Range from 5050 to 5050.

[Figure: A connection consists of the protocol, the port used and the direction of the traffic.]

Click OK.

Next, click New two more times to create the definitions for ports 5100 and 5000.

[Figure: Click New to add a new connection to the Yahoo Messenger protocol.]

Create the port range 5100.

[Figure: Protocol, port and traffic direction used for Yahoo Voice Chat.]

Click New again and create the range 5000.

[Figure: Click New to add a connection for Yahoo Webcam.]

Port range 5000, direction Outbound.

[Figure: The port used for Yahoo Webcam; the direction is still Outbound.]

Check the protocol after creating it.

[Figure: Checking the connections created for the Yahoo Messenger protocol.]

Click Next.
We do not create a Secondary Connection; click Next.

[Figure: We do not use a Secondary Connection.]

Check the creation in the Review window.

[Figure: Check the Protocol Definition and click Finish.]

Click Finish.

For Skype, the protocol used is HTTP on TCP port 80, so nothing needs to be created: ISA Server understands HTTP by default.
In the Task Pane, select the Protocol Definition tab, then Common Protocol, to view HTTP.

[Figure: After a protocol has been configured, it can be changed in its Properties window.]

Right-click HTTP and select Properties, or double-click it.
Select the Parameter tab and look at the port, direction and protocol of HTTP.

[Figure: By default the HTTP protocol has the Web Proxy filter attached, which lets ISA Server filter HTTP traffic and cache it even when clients use SecureNAT.]

Note that HTTP has the Outbound direction only.

Creating Users
Open ISA Server Management and select Firewall Policy.
Select the ToolBox, then select Users.

[Figure: Using the ToolBox in Firewall Policy to add a new user definition.]

Right-click and select New Users.

[Figure: Creating a new user definition on ISA Server.]

These users will be added to the policy. Users can be taken directly from Windows users (SAM or Active Directory). For Name we choose Staff Members, which contains the accounts of the staff in the director's office.

[Figure: Staff Members is just the display name we want to create on ISA Server; it includes all users in the Training department.]

Click Add to add users to this component.

[Figure: Click Add to add users to the Staff Members user definition.]

ISA Server can authenticate with Windows users/groups or with a RADIUS server. On the RADIUS server, a Remote Access Policy must also be configured to allow the user group to connect. A RADIUS server running on a domain-member server lets ISA Server 2006 authenticate domain users without ISA Server itself joining the domain.

[Figure: Adding users from the RADIUS server. ISA Server supports authentication with Windows users (SAM or domain), an LDAP server or RSA SecurID.]

Click Next.
ISA Server 2006 shows a small configuration window; we select All users in this namespace.

[Figure: Selecting all users on the RADIUS server.]

Click OK.

[Figure: The RADIUS server has been added in the wizard and is known to ISA Server under the name Staff Members.]

Click Next.
Check the Review window.

[Figure: Check the user set and click OK.]

Click Finish.
Under User Components, a new group of users named All Staff Members appears.

[Figure: After creating the user set, check it under Users in the ToolBox.]

Creating a Scheduler
A Scheduler defines when a rule is in effect. A Scheduler has two states, Active and Inactive.
During working hours, VietCERT staff are not allowed to access the Internet. During the lunch break, everyone may access the Internet. We create a Scheduler that makes the rule active outside working hours and inactive during working hours.
In the Task Pane, open the ToolBox and select Scheduler.

[Figure: A Scheduler on ISA Server tells when a rule is in effect.]

Right-click and select New Scheduler (or click the New menu and select Scheduler).

[Figure: Adding a Scheduler on ISA Server by right-clicking and selecting New Scheduler.]

Name is only the display name on ISA Server; we use Out of work.
Under Active we set the times as shown in the figure: the rule is active from 11h to 13h.

[Figure: Creating a Scheduler on ISA Server only requires defining the hours at which ISA Server is Active/Inactive. Scheduler]

Click OK.
Check the Scheduler just created.

[Figure: The Out of work Scheduler just created on ISA Server is managed under Scheduler in the ToolBox.]

This Scheduler will be combined with an Access Rule that allows Internet access, but only from 11h to 13h, when the rule is active.

Creating a Content Type
A Content Type defines the kind of data carried in HTTP traffic. The content type is determined from the file type extension.
Apart from the R&D group, VietCERT does not let staff access the Internet and download any file that can be executed. We create a content category that covers all executable file extensions, such as .EXE, .COM, .MSI, .CAB (which contains executables) and .MSC.
In the Task Pane, select the ToolBox tab.
Select Content Type.

[Figure: Content Type in the ToolBox defines the kind of data transferred through ISA Server. Content Types apply only to HTTP traffic.]

Content types organize files into categories.

[Figure: Content types predefined on ISA Server.]

Right-click and select New Content Type Set to add a new category.

[Figure: Creating a new Content Type from the context menu of the ToolBox.]

Enter the category name Executable Files.
The Details section defines the file extensions: type an extension and click Add.
Add the executable file extensions mentioned above.

[Figure: Adding a content type category on ISA Server. This content type applies only to HTTP traffic.]

Click OK.
Note: all the content types just created apply only to HTTP traffic.
Check the Content Type component just created.

[Figure: The content type category just created is shown in the ToolBox on ISA Server.]

These content types will be used in the policies we configure later.
Combining the components just created into an Access Rule
Next, these components are combined into a rule under Firewall Policy. The components are the conditions on which ISA Server decides whether the rule allows or denies.
To make the rule creation concrete, we use the following scenario:

Requirement 1: the IP address range 192.168.1.30 to 192.168.1.80 belongs to staff machines. During working hours they may use the Internet only to check mail, and may not browse the Web or listen to music online.
Configuration: for the IP address range we use an Address Range in the ToolBox of ISA Server, with the range 192.168.1.30 to 192.168.1.80.
Protocol: these clients may only use mail traffic, that is POP3, IMAP4 and SMTP. Clients can reach the Mail Server directly by IP address or by domain name. When a domain name is used, clients need DNS to resolve it, so in the Protocol section we also allow DNS.
Source Network: clients in the LAN, but not all of them, only the range 192.168.1.30 to 192.168.1.80, so the source is an Address Range.
Destination Network: the mail server VietCERT uses is an online mail server located in the DMZ. Clients in the LAN access the Mail Server placed in the DMZ of the Saigon HQ. The destination is set to the exact IP address of the Mail Server in the DMZ. Clients can check mail only on the Mail Server in VietCERT's DMZ.
Users: this rule applies to all users of the domain, so we keep the default, All Users.
Scheduler: clients may access the Mail Server at any time, during working hours as well as breaks, so we use the default Scheduler, Always.
Content Type: this applies only to HTTP traffic, so nothing needs to be configured here.

| Rule name | Protocol | Source Network | Destination Network | Users | Note |
|---|---|---|---|---|---|
| Mail in work hours | DNS, SMTP, POP3, IMAP4 | Address Range 192.168.1.30 - 192.168.1.80 | 203.162.23.34 | All Users | Only clients in the IP range above may access the Mail Server in the DMZ |

Configuring the Access Rule on ISA Server
Click Firewall Policy.

[Figure: Configuring Access Rules through Firewall Policy.]

In the Task Pane, select Create Access Rule.

[Figure: Creating an Access Rule from the Task Pane.]

For Name, type Mail in work hours. A meaningful name helps the administrator manage the policies he or she creates.

[Figure: We name the Access Rule Mail in Work hours; it only lets users use mail during working hours.]

For Rule Action, to let traffic through, select Allow.

[Figure: To let users use mail, we select Allow as the action.]

Click Next.
Under Traffic, select Selected Protocols.

[Figure: Select Selected Protocols and click Add to add protocols to the rule.]

Click Add.
Under Common Protocols, double-click the protocols DNS, SMTP, POP3 and IMAP4.

[Figure: Selecting the protocols one by one from the Network Components of ISA Server to add them to the rule.]

Click Close.
Only the following protocols are allowed through ISA Server.

[Figure: Back in the wizard, check the protocols listed.]

Click Next.
Under Source Network, click Add.

[Figure: Click Add to add a Source Network to the rule.]

We have not yet created the IP range 192.168.1.30 to 192.168.1.80. To create it directly while creating the Access Rule, click the New menu.

[Figure: Adding an IP range to the Network Components. An Address Range is a range of IP addresses defined by the administrator.]

Select Address Range.
In the Address Range window, enter the IP range from the table and, for Name, type Clients Network.

[Figure: Configuring the Address Range on ISA Server; we name it Clients Network.]

Click OK.
Double-click the Clients Network entry just created.

[Figure: After adding it, Clients Network is shown among the Network Entities of ISA Server.]

Click Close to return to the wizard.

[Figure: For the Access Rule source we add the Clients Network range.]

Click Next.
Click Add.

[Figure: Click Add to add a destination to the rule.]

For the Access Rule destination we select External and DMZ, because the Mail Server is on the Internet and also in the DMZ.

[Figure: Select the External network and DMZNetwork to add them as the destination of the rule.]

Click Close to return to the wizard.

[Figure: Check that the rule destination contains the DMZNetwork and External networks.]

Click Next.

Leave Users at the default, All Users.

[Figure: For the user set we allow everyone to use this rule. Select All Users.]

Click Next.
Review what was just created; mistakes can be corrected by clicking Back.

[Figure: Check which protocols the Access Rule contains and click Finish.]

Click Finish to complete the rule creation.
The Firewall Policy window now shows a new rule named Mail in work hours. Note the Order column: this rule has number 1.

[Figure: Go to Firewall Policy and check the rule just created.]

Configuring the Chat and Web rule

Requirement: outside working hours, staff may use the Internet for the Web and for chat with Yahoo Messenger. In Yahoo Messenger, however, staff may not use the Send File function in any form.
Configuration:
Protocol: the requirement allows only Web use over HTTP and Yahoo Messenger, without the Send File function, and does not allow watching online video in streaming media formats such as WMV or WMA. This is not difficult: the working principle of a firewall is to allow only what is needed and block everything else.
Source: again Clients Network, applied to the client machines in the IP address range 192.168.1.30 to 192.168.1.80.
Destination: the Web servers the clients access are on the Internet, so no specific IP address can be assigned; we use the External network, which represents the Internet.
Users: All Users
Scheduler: this rule is enabled only outside working hours, from 11h to 13h, so the Out of work Scheduler is used. We created this Scheduler earlier in this lab.
Content Type: Internet use is allowed but Download and Send File are not, so the block has to be applied through the Content Type. This applies only to HTTP. We allow Web browsing only. For Yahoo Messenger, the Web Proxy Filter application filter must additionally be attached to the Yahoo Messenger protocol so that the Content Type can take effect on this protocol.

| Rule name | Protocol | Source Network | Destination Network | Users | Note |
|---|---|---|---|---|---|
| Web while Free | DNS, HTTP, Yahoo Messenger, HTTPS | Address Range 192.168.1.30 - 192.168.1.80 | External | All Users | Allows Internet access during break hours but does not allow the Download function |
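The two rules planned above (Mail in work hours and Web while Free), as an added example that is not part of the original document: a simplified model of ordered, first-match Access Rule evaluation with a default deny, run over constructed requests. The rule values come from the two tables; the way the Executable Files content type is applied, the well-known port numbers and the external test address 198.51.100.20 are assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

ip = ipaddress.ip_address

# Protocol definitions: well-known ports plus the page's Yahoo Messenger ports.
PROTOCOLS = {
    "DNS": {("udp", 53)}, "SMTP": {("tcp", 25)}, "POP3": {("tcp", 110)},
    "IMAP4": {("tcp", 143)}, "HTTP": {("tcp", 80)}, "HTTPS": {("tcp", 443)},
    "Yahoo Messenger": {("tcp", 5050), ("tcp", 5100), ("tcp", 5000)},
}
CLIENTS_NETWORK = (ip("192.168.1.30"), ip("192.168.1.80"))    # Address Range
MAIL_SERVER = (ip("203.162.23.34"), ip("203.162.23.34"))
# Ranges defined on ISA Server; any other address counts as External.
# The Internal range is not given on the page, so it is left out here.
DEFINED = [(ip("192.168.1.0"), ip("192.168.1.255")),
           (ip("203.162.23.32"), ip("203.162.23.47"))]
EXECUTABLE_FILES = (".exe", ".com", ".msi", ".cab", ".msc")   # content category


@dataclass
class Request:
    src: str
    dst: str
    transport: str
    port: int
    hour: int                       # local hour, 0-23
    path: Optional[str] = None      # URL path, HTTP only


@dataclass
class AccessRule:
    name: str
    action: str
    protocols: tuple
    source: tuple
    destination: object             # (start, end) range or the string "External"
    active_hours: range = range(0, 24)          # the "Always" schedule
    blocked_extensions: tuple = ()

    def matches(self, r):
        """True only if every component of the rule accepts the request."""
        if not any((r.transport, r.port) in PROTOCOLS[p] for p in self.protocols):
            return False
        if not self.source[0] <= ip(r.src) <= self.source[1]:
            return False
        dst = ip(r.dst)
        if self.destination == "External":
            if any(lo <= dst <= hi for lo, hi in DEFINED):
                return False
        elif not self.destination[0] <= dst <= self.destination[1]:
            return False
        if r.hour not in self.active_hours:
            return False
        # Content types only apply to HTTP traffic, as the page notes.
        if r.path and (r.transport, r.port) in PROTOCOLS["HTTP"]:
            if r.path.lower().endswith(self.blocked_extensions):
                return False
        return True


POLICY = [
    AccessRule("Mail in work hours", "Allow", ("DNS", "SMTP", "POP3", "IMAP4"),
               CLIENTS_NETWORK, MAIL_SERVER),
    AccessRule("Web while Free", "Allow",
               ("DNS", "HTTP", "HTTPS", "Yahoo Messenger"),
               CLIENTS_NETWORK, "External", active_hours=range(11, 13),
               blocked_extensions=EXECUTABLE_FILES),
]


def evaluate(request, policy=POLICY):
    """Check rules in order; the first match decides, otherwise default deny."""
    for order, rule in enumerate(policy, start=1):
        if rule.matches(request):
            return rule.action, f"{order}: {rule.name}"
    return "Deny", "Default rule"


if __name__ == "__main__":
    samples = [  # constructed requests
        Request("192.168.1.40", "203.162.23.34", "tcp", 110, 9),
        Request("192.168.1.40", "198.51.100.20", "tcp", 80, 9, "/index.html"),
        Request("192.168.1.40", "198.51.100.20", "tcp", 80, 12, "/index.html"),
        Request("192.168.1.40", "198.51.100.20", "tcp", 80, 12, "/tools/setup.EXE"),
        Request("192.168.1.90", "203.162.23.34", "tcp", 110, 9),
    ]
    for s in samples:
        print(s, "->", evaluate(s))
```
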

Configuring on ISA Server
Open the ISA Server Management Console.
Select Firewall Policy.

[Figure: Using Firewall Policy to add an Access Rule to ISA Server.]

In the Task Pane, select Create New Access Rule.

[Figure: Creating an Access Rule from Network Tasks in Firewall Policy.]

For Rule Name, type Web while Free.

[Figure: We name the rule Web while free; it lets staff use the Internet in their free time.]

For Rule Action, select Allow to let traffic through ISA Server.

[Figure: Select Allow as the action to let staff access the Internet.]

Under Protocol, select Selected Protocols and click Add.

[Figure: Select Selected Protocols and click Add to add protocols to the rule.]

In the components list, double-click the protocols HTTP, DNS, HTTPS and Yahoo Messenger.

[Figure: The Yahoo Messenger protocol is the one we created in the Protocol Definition part.]

Click Close to return to the wizard and check the protocols just added to the policy.

CcProtocolchngtithmvoRule.NguyntccanhquntrkhicuhnhFirewalllch
chophphnch,khinothiuProtocolchngtacththmsau

ClickNext
PhnSourceclickAdd

SourceNetworkchoRule,ClickADDthmvoRule

TrongmcAddressRangechnClientsNetworkchngtatochakhang
achIP192.168.1.30n192.168.1.80.

ClickADDvoClientsNetworkthmvoRule

ClickClosequayliWizard

Tiliu:PublishingbiVietCERTVietnamLABmikinnggpxingiv:194
Email:info@VietCERT.comPhone:0916721672Mr:TrnQucTon

ISA Server 2006

KimtraliNetworkClientsNetworksaukhiquayliWizard

ClickNext
PhnDestinationchngtachophpccClientsnyraInternetnnsaddvo
ExternalNetwork.ClickAddchnmcNetworks

ClickADDthmDestinationvoRule

DoubleclickvoExternalvDMZNetworks

PublishingBy:VietCERT.com,VietnamLAB.com,ICTExpress.com

195

Telecom Network Solutions

ChnmngExternalidinchoInternetvoSource

ClickClosequayliWizard

KimtraliNetworktrongphnDestinationtrongRule.

ClickNext
PhnUserschophptanbUserscthtruycpcInternetnnchngti
chnAllUsers.

Tiliu:PublishingbiVietCERTVietnamLABmikinnggpxingiv:196
Email:info@VietCERT.comPhone:0916721672Mr:TrnQucTon

ISA Server 2006

UsersettcdngchoRulenylAllUserschophpttcccUsertrongLAN

ClickNext

KimtraliRulesaukhicuhnhvclickFinish

Reviewqutrnhcuhnh
ClickFinish

SaukhicuhnhtoRule,chngtitiptccuhnhSchedulervContent
Type.SchedulervContentTypechcthcuhnhbangcasPropertiesca
Rulesaukhitoxong.

PublishingBy:VietCERT.com,VietnamLAB.com,ICTExpress.com

197

Telecom Network Solutions


VoFirewallPolicyclickchnRulecncuhnh.RulecachngtatnWeb
whilefree
ClickphichnProperties

SdngFirewallPolicyvPropertiesRuletothayinhngphncuhnh

ChnTabSchedulervclickchnSchedulerOutofworkchngtatotrong
phntrccabithchnhny

Tiliu:PublishingbiVietCERTVietnamLABmikinnggpxingiv:198
Email:info@VietCERT.comPhone:0916721672Mr:TrnQucTon

ISA Server 2006

TcdngSchedulerchoAccessRulesaukhitoxongbngcasProperties

ClickchntipTabContentTypevkhngchnAllContentmchnthe
FollowingContent
ClickchnnhngContentnokhngchophpnhApplications,Documents,

PublishingBy:VietCERT.com,VietnamLAB.com,ICTExpress.com

199

Telecom Network Solutions

ChnContentTypechoRulesaukhitobngcasPropertiescaRule

ClickOKngcasPropertiescaRuleli
KimtraliPolicytrongcasDetailsPane

iukinvacuhnhthmchoAccessRulelAllUsersvOutofwork

Tiliu:PublishingbiVietCERTVietnamLABmikinnggpxingiv:200
Email:info@VietCERT.comPhone:0916721672Mr:TrnQucTon

ISA Server 2006

Access Rule for a DMZ with Public IPs

Requirement: the servers in the DMZ are allowed to access the Internet, and users on the Internet can also access the servers in VietCERT's DMZ network. The types of traffic must still be restricted, however. The traffic used between the DMZ and the Internet is Mail, Web, and online video for the clips hosted at VietCERT for the website vietnamlab.com.
Configuration
Protocol: for Web we will configure HTTP and HTTPS, and Internet users may access the FTP server, so the FTP protocol is configured too. Streaming Media is supported out of the box by ISA Server under Protocol Definition. Mail, under Common Protocol, is likewise supported out of the box.
Source: applies to the servers in the DMZ. The DMZ network was created on ISA Server in the previous lab under the name DMZ Network; in the other direction, Source also contains External so that the Internet can reach the servers in the DMZ.
Destination: the DMZ may access the Internet and vice versa, so Destination includes DMZ Network and External.
Users: All Users
Scheduler: the DMZ servers are always available, 24/7, so for the schedule we choose Always.
Content Type: all file types transferred over HTTP are allowed through this rule, so we choose Apply to All Content Type.
The rule we will create looks as follows:
Rule name: DMZ and Internet
Protocol: DNS, HTTP, HTTPS, Streaming Media
Source Network: DMZ Network, External
Destination Network: DMZ Network, External
Users: All Users
Note: The DMZ and the Internet may access each other at any time.

Configuration on ISA Server
Open the ISA Server Management Console.
Select Firewall Policy.

Figure: Use Firewall Policy to configure the access rule.

In the Task Pane, select the Tasks tab and click New Access Rule.

Figure: Create an additional access rule from the Task Pane in the ISA Server Management Console.

For Rule Name, type DMZ and Internet.

Figure: We name the rule DMZ and Internet; it governs traffic between the DMZ and the Internet.

For Access Rule Action, select Allow to permit the servers in the DMZ to access the Internet.

Figure: Select Allow to let traffic pass if it matches the conditions in this rule.

For Protocol, select Selected Protocol and click Add.

Figure: With Selected Protocol chosen, click Add to add the protocols allowed through this rule.

In the Component section, double-click the protocols HTTP, DNS, HTTPS and Streaming Media.

Figure: Adding protocols from the Streaming group.

Click Close to return to the wizard.

Click Next.
In the Source section, click Add.

Figure: Click Add to add a source network to the rule.

Under Address Range, select DMZ Network and External; this rule will allow access in both directions.

Figure: Select DMZ Network as the source network in the Network Entities window.

Click Close to return to the wizard.

Figure: Check the source networks after adding them.

Click Next.
In the Destination section we allow DMZ Network and External to access each other.

Figure: Click Add to add networks to the rule's destination.

Double-click External and DMZ Network.

Figure: Adding the DMZ network to the rule.

Click Close to return to the wizard.

Figure: The DMZ and External networks will be evaluated in this rule.

Click Next.
In the Users section, all users are allowed to access the Internet, so we select All Users.

Figure: All users may use this rule.

Click Next.
Review the configuration.

Figure: A final check before clicking Finish.

Click Finish.
The configured rules have an order, and this order is what is evaluated when traffic passes through ISA Server. Policies can be changed after they are configured from the Properties window. The rules are held under Firewall Policy.

Figure: Note the icons in the ISA Server Management Console that indicate whether a rule is active or not.

After reviewing and checking the accuracy of the policies just created, click Apply to accept the changes in ISA Server.

Figure: Click Apply to save the configuration settings on ISA Server and put them into effect.

Note: with that, the access rule configuration can be considered adequate for now. The DMZ network carries public IP addresses, so it communicates with the Internet by ROUTING. When routing, ISA Server does not use NAT, so there is no need to use a Publishing Rule. Publishing Rules use protocols in the Inbound direction.
Beyond the policies created so far, whenever something further needs configuring on ISA Server we go on creating policies from the basic components of ISA Server. Readers only need a firm grasp and understanding of ISA Server's components to configure it well in any situation.

17. Backup Access Rule


Once the access rules are configured, they should be recorded in writing, as we analysed above. In addition, ISA Server itself supports a rule backup function (in essence an export). When configuring a firewall, the first necessity is to configure the rules correctly; the next is to back them up so that they can be restored, or imported into another firewall.
Click Firewall Policy.

Figure: Configuring access rules from Firewall Policy.

In the Task Pane, select Export Firewall Policy.

Figure: Exporting the firewall policy, including the access rules, to a file.

Click Next, select Export Confidential Information, and type a password to protect this XML file.

Figure: The access rules are the most important part of ISA Server, so a password must be set to keep the information from being disclosed.

Click Browse and choose the file in which to store the access rules.

Figure: Choosing where to store the XML file.

Click Open to save.

Figure: Confirming the path where the XML file is saved.

Review what has been configured.

Figure: The content of the XML file will be encrypted.

Click Finish.
ISA Server notifies the user when the XML file has been exported.

Figure: The XML file was exported successfully.

Open the exported XML file in Notepad to see how the configuration is stored.

Figure: Using Notepad to view the content of the XML files.

Figure: Notepad displays the files as plain text.

Figure: The content of the XML file, opened; this file has been encrypted.

These backup files are used to import the configuration back into ISA Server after a failure, or to import it into another ISA Server that should match the standard configuration.

What is XML?
XML stands for eXtensible Markup Language. It is a set of rules for dividing a document into parts, then marking up and assembling the different parts so that they are easy to identify. Created by the World Wide Web Consortium (W3C), XML has become an official technical specification. The W3C calls XML a common syntax for expressing structure in data. Structured data refers to data that is tagged for its content, meaning, or use.
Example: in a Web page we use tag pairs (an opening and a closing tag) as markers, such as <BODY> and </BODY>. Consider the Web page below:
<HTML>
<HEAD>
<TITLE>WelcomeToLHng</Title>
</HEAD>
<body>
<H1>nhNgha</H1>
A:Saoanhlictdyinphnghp?<BR>
B:Vdyinnhtithiumtmtkhc.<BR>
A:Nhvyllycnglmt!<BR>
B:Khng,nhvyllydinuingn!<BR>
</BODY>
</Html>
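In an HTML Web page the tag pairs are all predefined and carry no meaning about the data they enclose, except in the case of TITLE. H1, for example, means "display the enclosed text (the heading in the sample page) at the largest size", but that text can be anything at all; it does not have to be the title it is here. XML, by contrast, lets us freely name tag pairs for use as needed. By one count, Dynamic HTML has about 400 tags, all of which we have to remember if we want to use them. XML, meanwhile, has no limit on the number of tags, and we do not need to remember any particular tag. The meaning of the tags is very flexible, and we can arrange XML tags by type as suits us. For example, to build an XML page about Literature we need tags that describe the character, the date of birth, the date of death, ...
For more on XML, see the Echip web page:
http://www.echip.com.vn/echiproot/weblh/ctv/2001/lehung/xml/xml.html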

18. Import the Access Rules


When moving to a new ISA Server, or reconfiguring an old ISA Server after a failure that required reinstalling the firewall, we can use the Import Settings function with the XML files prepared earlier. These XML files are simply the files holding the access rule settings that we exported with the Export wizard.
Open the ISA Server Management Console.

Figure: Configuring access rules from Firewall Policy.

Next select Firewall Policy. ISA Server supports importing the configuration section by section; to import a given section, go to that section and perform the import there. In this lab we import the access rules into a new, unconfigured ISA Server.

Figure: Importing the firewall policy from the XML file.

Click Import Firewall Policy in the Task Pane.
Choose the path where the XML file is stored. The Browse function can be used to locate the XML file.

Figure: Choose the correct path to the XML file holding the configuration.

Click Next.
Do not select the option Import Server Specific Information.

Figure: Importing information that is specific to this server.

Click Next.
Enter the password that was set for the XML file when the configuration was exported from ISA Server. Our password in this lab is 12345678.

Figure: Enter the same password that was used when the XML file was saved. The XML file stores the password inside the file itself as an MD5 hash.

Click Next.
Review what has been done.

Figure: The import succeeded.

Click Finish.
Check the policies that were imported.

Figure: Check the full content of the access rules after the import; they are back in the state they were in when the XML file was backed up.

Note: when importing, do the Components first, in sequence, and only then the Network, Network Rules, Access Rule and System Policies sections.

19. Analysis of the NAT Mechanism of Network Rules


NAT and ROUTE are the two mechanisms ISA Server uses when networks communicate with each other. NAT is used when two of ISA Server's networks use two different kinds of IP address, private IP and public IP.

Private IPs are used within the LAN.
Public IPs are used across the Internet. Each host on the Internet has one public IP, which is unique.

Figure: The NAT mechanism changes the source IP address of a packet.

NAT translates the private IP address in the LAN to the public IP address of ISA Server as the packet passes through ISA Server and leaves by ISA Server's External interface.
If a network uses private IPs and wants to use the Internet through one IP address on ISA Server (a public IP), the NAT mechanism must be used. The packet's source IP address is replaced with the public IP address on ISA Server's External interface.

Figure: A LAN with private IPs must use NAT when going out to the Internet.

When a client sends a PING packet to the Web server, the IP address seen is 203.162.24.33, the IP address of the External interface on ISA Server.
The DMZ and Internal networks are likewise connected by NAT through ISA Server.

Figure: The DMZ network has public IPs, so the LAN must also use NAT towards it.

Capturing packets with Ethereal, we can read that the source IP is the IP address of the outside interface on ISA Server.
To use the NAT mechanism on ISA, we use the Network Rule feature of ISA Server.
Open the Properties of the Internet Access network rule on ISA Server and check the Network Relationship section: it is in NAT mode.

Figure: The default rule on ISA Server that allows clients to access the Internet through NAT.

20. Analysis of the Routing Mechanism of Network Rules


Through its network rules, ISA Server decides whether a packet is forwarded by NAT or by ROUTE. With ROUTE, the source IP is preserved as the packet passes through ISA Server. We use ROUTE when the networks use the same kind of IP address, private/private or public/public.
ISA Server has a DMZ network with public IPs; this IP range connects to the Internet through ROUTING.

Figure: The DMZ network, with public IPs, uses ROUTE to communicate with the Internet.

ROUTE can be summarised as follows.

Figure: ROUTE only forwards the packet and does not change the content of the source IP field.

A packet sent from the DMZ network to a Web server on the Internet carries the source IP 203.162.23.34 of the very server in the DMZ that sent it. ROUTE does not change the packet's source IP address, so the Web server sees the packet as coming from the server in the DMZ.
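
The difference between the two relationships described in sections 19 and 20, as an added example that is not part of the original document or of ISA Server: a NAT relationship rewrites the source and has to keep state to translate replies, while a ROUTE relationship forwards the packet unchanged. The addresses 203.162.24.33 and 203.162.23.34 come from the text; the network ranges, port numbers and all class and function names are assumptions.

```python
import ipaddress
from dataclasses import dataclass, replace

EXTERNAL_IP = "203.162.24.33"   # ISA Server external interface (from the text)

# Address ranges are assumed for this example; the text gives only single hosts.
NETWORKS = {
    "Internal": ipaddress.ip_network("192.168.1.0/24"),
    "DMZ": ipaddress.ip_network("203.162.23.32/29"),
}

# Network rules: (source network, destination network) -> relationship.
NETWORK_RULES = {
    ("Internal", "External"): "NAT",
    ("DMZ", "External"): "ROUTE",
}


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


def network_of(ip):
    """Name of the network an address belongs to; anything unknown is External."""
    addr = ipaddress.ip_address(ip)
    for name, net in NETWORKS.items():
        if addr in net:
            return name
    return "External"


class Firewall:
    def __init__(self):
        self.nat_table = {}      # external port -> (private ip, private port)
        self.next_port = 50000   # assumed start of the translation port range

    def outbound(self, pkt):
        """Forward a packet leaving a protected network; None if no rule applies."""
        relation = NETWORK_RULES.get((network_of(pkt.src), network_of(pkt.dst)))
        if relation is None:
            return None
        if relation == "ROUTE":
            return pkt                           # source IP kept as it is
        port = self.next_port                    # NAT: remember the mapping
        self.next_port += 1
        self.nat_table[port] = (pkt.src, pkt.sport)
        return replace(pkt, src=EXTERNAL_IP, sport=port)

    def inbound_reply(self, pkt):
        """Deliver a reply from the Internet; None if it matches no NAT mapping."""
        if pkt.dst != EXTERNAL_IP:
            return pkt                           # routed network: no translation
        mapping = self.nat_table.get(pkt.dport)
        if mapping is None:
            return None
        return replace(pkt, dst=mapping[0], dport=mapping[1])
```
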


CHAPTER IV
Configuring the Firewall Features of ISA Server 2006
ISA Server 2006 consists of two parts, Internet and Security. ISA Server 2006 can operate simply as a proxy server providing Web caching or, at a more advanced level and as its main feature, as an application-layer firewall (Application Firewall).


21. Analysis of the Structure of a Packet
The OSI model comes in two forms: one, from TCP/IP, has 4 main layers

Figure: The TCP/IP model.

and one, the ISO standard, has 7 layers.

Figure: The OSI layer model compared with the TCP/IP model, showing how they correspond.

Data is packaged (encapsulation) at the sending machine (sender) and unpacked (de-encapsulation) at the receiving machine (receiver). During encapsulation the data passes through the different OSI layers; each layer has its own data structure, so there is a data structure for each layer the data passes through.
From the data types and the protocols that operate at each layer, we can build up the standard packet structure as follows.

Figure: The standard structure of a packet.

Within it, the TCP header has the following detailed structure.

Figure: The TCP header according to the RFC.

The IP header has the following detailed structure.

Figure: The IP header structure according to the RFC.

Or the ICMP header.

Figure: The structure of an ICMP header according to the RFC.

ARP header.

Figure: ARP header.

The rest is the packet's data.

Figure: Ethereal (also known as Wireshark) translates the content of packets into a language that is easy to read and understand.

We can use Ethereal to capture packets and view their structure. Ethereal has 3 main window panes: an overview of the captured packets, packet detail in readable form, and packet detail in HEX and BIN form.

Figure: Overview of the Ethereal interface.

Ethereal lets us view the packet structure, and the part we use most is Ethereal's middle pane (the detailed structure in readable form).

Figure: The content of a TCP header as decoded by Ethereal.

After capturing packets with Ethereal, we can save them as a .CAP file and open it later for analysis. .CAP files are compatible with the Network Monitor program of Windows Server 2003.
Compared with Network Monitor, Ethereal is much more powerful in its display and in the functions that support packet analysis. Ethereal colour-codes packets by type, which helps administrators recognise packet types easily.

Figure: The Network Monitor tool on Windows 2003 can also be used to observe information on the LAN.

The Filter function separates out individual sessions, which is convenient for analysis.

Figure: Ethereal can monitor by session, but only for TCP connections. UDP has no sessions.

Ethereal then displays the content of the packets in this session as plain text.

Figure: The session content is displayed as plain text in Ethereal.

To work well with Ethereal, we recommend reading the book Syngress Ethereal Packet Sniffing.

Figure: Readers can learn more about Ethereal from Ethereal Packet Sniffing, published by Syngress.

TCP/IP packets are sent through ISA Server, and ISA Server analyses them on the basis of the IP header, the TCP header and also the application data, because ISA Server is an application firewall.

22. Classifying Firewalls


Based on the kind of data a firewall can analyse, firewalls are placed at different layers of the OSI model. In theory the basic types of firewall are Packet Filter and Application Firewall (there are other types of firewall that we do not cover here).

Packet Filter: analyses packets on the basis of the TCP header and IP header; this type of firewall cannot analyse data at the application layer. A packet filter operates at layer 3, and most routers have this capability (also called an Access List).
Application Firewall: operates at the application layer of the OSI model. An application firewall can analyse the user data in the data portion of packets sent through the firewall. Viruses, Trojans, worms and keyloggers typically use the application data portion to carry their data. ISA Server is an example of an application firewall. ISA Server filters HTTP packets best (HTTP is an application protocol that uses TCP port 80).


23. Configuring the Perimeter Network
Perimeter Network (DMZ network) can loosely be translated as demilitarised zone. This zone contains the servers that Internet users are allowed to access, while those servers remain under the management of the LAN administrator. The perimeter is really part of the LAN, but because it is not very safe to leave these servers in the same segment as the LAN that needs absolute protection, administrators split them off into a separate network area called the DMZ.
The DMZ network is connected to ISA Server through a separate interface. A new Network must be created on ISA Server, containing the IP address range of the servers in the DMZ.
As for the IP addresses of the DMZ servers, they can use either public or private IP addresses. With public IP addresses, a server is accessed directly from the Internet through ISA Server's Route mechanism. With private IPs, Internet users access the server through ISA Server's public IP and are NATed to the server on a given port (the NAT mechanism).
Routing on ISA Server is handled like ordinary traffic going from the LAN out to the Internet, the only difference being that the source/destination changes from LAN to Internet and vice versa. The direction of the traffic is still Outbound.
If private IPs are used in the DMZ, ISA Server uses the Publishing Rule feature to let Internet users reach the DMZ through NAT. Traffic handled by a Publishing Rule is Inbound.
The rest, the detailed configuration on ISA Server, is covered in more detailed labs.

24. Using Network Templates


ISA Server reduces the configuration steps for the administrator to a minimum. Security flaws in a system, and in firewalls in general, are usually due to mistakes the administrator makes during configuration (misconfiguration), which let hackers break into the system. If ISA Server itself, like other firewalls, is kept fully updated, an attack can be said to be hardly feasible unless the flaw is entirely new.
ISA Server ships with templates that can set up the system and configure ISA Server according to standard network models. When one of these wizards is run, the administrator supplies information to the wizard and ISA Server configures the rest automatically.
Go to Configuration, then Networks.
In the Task Pane, select the Templates tab.

Figure: Select Templates in the ISA Server Management Console.

Look through the templates in ISA Server 2006, which cover the following models.

Figure: ISA Server provides templates with standard configurations for the user.

We will configure ISA Server 2006 with the Edge Firewall template.

Figure: The Edge Firewall model, also called a Bastion Host.

Click Edge Firewall in the Task Pane and a wizard window appears.
Next is the information in this window.
ISA Server warns the user if settings have already been configured on ISA Server, because configuring with a template overwrites all the information currently on ISA Server. Along the way, ISA Server lets the user run Export to save the entire current ISA Server configuration before continuing.

Figure: Before configuring with a template, the user can export the current configuration to an XML file.

Click Next.
Configure the private IP address range used on ISA Server. Click Add/modify to add or change the IP address range.

Figure: Configuring the network range with a template.

Click Next and choose the access rules to apply to clients. ISA Server explains each choice in the Description box below. After configuring, we have to check whether what ISA did matches our requirements, and then adjust it to fit the specific situation.

Figure: The access rules, too, are configured by the template.

Click Next, review the configuration and click Finish.

Figure: End of the wizard that configures the network from a template.

Click Finish.
Back in ISA Server, checking Firewall Policy, we see that ISA Server has been configured sensibly. The templates on ISA Server can be regarded as a standard configuration for reference.

Figure: The access rules configured by the network template are very methodical but fairly basic.

Next we check whether the Internal network has been configured correctly.
The network has changed exactly as declared in the wizard.

Figure: The network definition is also configured from the network template.

25. Configuring System Policies


System Policy holds security-related settings on ISA Server 2006 and applies only to ISA Server itself. System Policy is one part of the Firewall Policy.
Firewall Policy has two parts: Access Rules and System Policy. System Policy has no effect on clients going to or through ISA Server; it affects only ISA Server itself. System Policy is also not used very often, because ISA Server itself is designed to be secure by default, which avoids security flaws caused by administrator misconfiguration.
Configuring System Policy from Firewall Policy
Open the ISA Server Management Console and select Firewall Policy.

Figure: System Policy is configured under Firewall Policy.

In the Task Pane, select Edit System Policy.

Figure: Selecting Edit System Policy from the Task Pane.

The System Policy interface looks as follows.

Figure: Overview of System Policy on ISA Server 2006.

Obtaining an IP address from an external DHCP server (router)
ISA Server's External interface will obtain its IP address from the DHCP server on the ADSL router. The real IP address is passed from the ADSL router to ISA Server. By default, System Policy only allows ISA Server to obtain an IP address from a DHCP server located in the Internal network.

Figure: ISA Server obtains a dynamic IP from the router. We use this method to obtain the real IP from the router when a customer wants to use ISA Server as a VPN server or for Web server publishing over an ADSL line.

For ISA Server to obtain an IP address from a DHCP server outside the LAN, System Policy must be configured on ISA Server. There are 2 ways to do this: add the External network to the System Policy, or configure a Computer object holding the ADSL router's IP address. We will configure a Computer with the specific IP of the ADSL router, because that is more secure.
Click Add.

Figure: Configuring the conditions for the System Policy.

In the Component window, select Computer, then right-click and choose New Computer.

Figure: Creating a network object as a condition for the System Policy.

For Name, enter ADSL Router; the IP address is 10.0.0.2, the IP address of the ADSL router.

Figure: Creating a Computer as a condition for the System Policy.

Click OK.

Check the component just created in the Computer section of the Component window.
Double-click the ADSL Router computer to add this component to the System Policy.

Figure: Once created, the Computer sits under Network Objects and can be used in System Policy or in access rules.

Click OK to close the Add window.
Checking the content again, we see that System Policy allows ISA Server to obtain an IP address from the ADSL router with IP address 10.0.0.2.
To avoid mistakes when obtaining the IP address, we remove the Internal network from the System Policy by clicking Remove.

Figure: Removing the Internal network after adding the Computer that holds the ADSL router's IP address. We only want ISA Server to obtain the real IP from the ADSL router, not from a DHCP server in the LAN.

Displaying System Policy
By default ISA Server shows only the access rules under Firewall Policy. An administrator who wants System Policy always shown can use the following option.

Figure: Displaying System Policy in the ISA Server Management Console.

In the Task Pane, select the System Policy section and click Show System Policy. The Content Pane now additionally shows the whole series of System Policy rules.

Figure: System Policy fully displayed in the ISA Server Details Pane.

To change a System Policy rule, simply double-click it and change the content inside the policy.

Figure: Changing a System Policy rule directly from the Details Pane.

System Policy rules are mostly a matter of Enable or Disable.

Figure: Turning a System Policy rule on or off.

Or they are configured in a similar way to adding and removing networks.

Figure: Configuring the conditions for a System Policy rule.

Finally, we want readers to note that System Policy affects only the ISA Server machine itself and serves to secure ISA Server.
Note: System Policy is in essence also a set of access rules, but Microsoft has set it up as a separate part with a wizard that lets users easily configure it for ISA Server alone. To explore this, readers can right-click a System Policy rule and choose Properties instead of clicking Edit System Policy.

Figure: Changing the content of a System Policy rule, we see that a System Policy rule is in essence an access rule whose conditions apply to ISA Server itself.

26. Configuring the Intrusion Detection Service


ISA Server has the features of an intrusion detection service (IDS) and records all attacks against ISA Server, mainly DoS attacks. ISA Server divides attacks into 2 types: the common type, DoS or port scans, and a second, more frequently seen type, attacks on the DNS server.
The IDS only records: it logs the attack and the content of the attack packets sent at the system to the Alerts section under Monitoring in ISA Server.
To turn on the IDS feature on ISA Server, proceed as follows.
Open the ISA Server Management Console and go to Configuration, then General.

Figure: General is used to configure ISA Server's additional features.

In the Content Pane, click Enable Intrusion Detection and DNS Attack Detection.

Figure: Configuring the attack alerting feature (IDS) of ISA Server 2006.

On the Common Attacks tab, select Enable intrusion detection.

Figure: The attack types will be recorded in ISA Server's Alerts and Logging.

Then select the attack types to be recorded:

Windows out-of-band (WinNuke). ISA Server records an out-of-band denial-of-service attack over the NetBIOS protocol against systems behind ISA Server, such as the LAN (Internal), the DMZ, or ISA Server itself.
Land. This attack sends a packet to ISA Server, or to a computer inside ISA Server's network, whose source address/source port and destination address/destination port are exactly the same. ISA Server writes a log entry when it sees this attack.
Ping of death. ISA Server logs a PING packet whose size is too large (greater than 65535 bytes).
IP half scan. Records a port scan in which ISA Server keeps receiving SYN packets with no ACK in reply to complete the connection under the three-way handshake.

Figure: The three-way handshake ensures that both TCP sides, client and server, want to set up the connection. In this setup step, client and server agree on the sequence numbers and window sizes they will use with each other. Hackers can take advantage of this strict structure of TCP to carry out many different kinds of attack.

UDP bomb. This is the most commonly seen attack, though mostly inside the LAN. Hackers send a flood of UDP packets, which need no flow control (UDP has no flow control), with the intention of exhausting the system's bandwidth. ISA Server records this attack when it sees it.

Figure: UDP's loose mechanism gives hackers the opportunity to attack by consuming a server's bandwidth. UDP performs no checking by ACK or window size at all.

Port scan. Counters port scanning when a series of SYN packets is detected being sent continuously to ports on ISA Server or on a machine in the DMZ. If this option is selected, one of the following 2 options must be selected as well:
Detect after attacks on well-known ports. Sets the number of well-known ports scanned; only when the number of ports set here is reached does ISA Server create an alert. Well-known ports have values from 0 to 2048.
Detect after attacks on ports. The same as the option above, but for ports in general, from 0 to 65535.
Click OK.
Click Apply to save the changes on ISA Server. From now on, if ISA Server detects one of the attack types above, it records the log entry under Alerts in Monitoring.

Figure: Alerts reports the state of ISA Server, including which of the attack types in the IDS section just configured it has come under.

Note: to carry out the attack types above, the reader needs basic hacking knowledge, and these attack tools must not be tried against real systems (whether your own company's or anyone else's). The UDP Flood type is very easy to carry out; readers can find a UDP Flood attack tool for themselves on google.com.vn with the keyword UDP Flood.
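
Four of the signatures listed above (Land, Ping of death, IP half scan and Port scan with its two counters), written as detection logic over a list of packet records. This is an added example, not ISA Server's code: the three limits, the record layout and the capture are constructed, and the well-known range 0 to 2048 and the 65535-byte bound are taken from the text.

```python
from collections import defaultdict
from dataclasses import dataclass

WELL_KNOWN_MAX = 2048   # the text counts ports 0-2048 as well-known
MAX_DATAGRAM = 65535    # a ping larger than this is a "ping of death"


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str       # "tcp", "udp" or "icmp"
    flags: str = ""  # TCP flags: "S" = SYN, "A" = ACK
    size: int = 0    # reassembled datagram size in bytes


def detect(packets, well_known_limit=10, all_ports_limit=20, half_open_limit=5):
    """Return (alert, source_ip) pairs, one per alert type and source.

    The three limits are assumed values for this example.
    """
    alerts = []
    probed = defaultdict(set)     # src -> {(dst, dport)} that received a SYN
    half_open = defaultdict(set)  # src -> {(sport, dst, dport)} SYN without ACK

    def raise_alert(kind, src):
        if (kind, src) not in alerts:
            alerts.append((kind, src))

    for p in packets:
        # Land: source address/port identical to destination address/port.
        if p.proto in ("tcp", "udp") and (p.src, p.sport) == (p.dst, p.dport):
            raise_alert("land", p.src)
            continue
        # Ping of death: ICMP datagram larger than 65535 bytes once reassembled.
        if p.proto == "icmp" and p.size > MAX_DATAGRAM:
            raise_alert("ping-of-death", p.src)
            continue
        if p.proto != "tcp":
            continue
        conn = (p.sport, p.dst, p.dport)
        if p.flags == "S":
            half_open[p.src].add(conn)
            probed[p.src].add((p.dst, p.dport))
            ports = probed[p.src]
            well_known = sum(1 for _, port in ports if port <= WELL_KNOWN_MAX)
            if well_known >= well_known_limit:
                raise_alert("port-scan-well-known", p.src)
            if len(ports) >= all_ports_limit:
                raise_alert("port-scan-all-ports", p.src)
        elif p.flags == "A":
            # Final ACK of the three-way handshake: the connection is complete.
            half_open[p.src].discard(conn)

    # IP half scan: SYNs that were never followed by the completing ACK.
    for src, conns in half_open.items():
        if len(conns) >= half_open_limit:
            raise_alert("ip-half-scan", src)
    return alerts


def sample_capture():
    """Constructed traffic; the outside addresses are documentation ranges."""
    pkts = [
        # Ordinary client: SYN, then the ACK that completes the handshake.
        Packet("192.168.1.40", 50000, "203.0.113.10", 80, "tcp", "S"),
        Packet("192.168.1.40", 50000, "203.0.113.10", 80, "tcp", "A"),
        # Land: identical source and destination address and port.
        Packet("203.0.113.20", 139, "203.0.113.20", 139, "tcp", "S"),
        # Oversized ping.
        Packet("198.51.100.7", 0, "203.0.113.20", 0, "icmp", size=65600),
    ]
    # Scan of 12 well-known ports in which every handshake is completed.
    for port in range(20, 32):
        pkts.append(Packet("198.51.100.9", 40000 + port, "203.0.113.20", port, "tcp", "S"))
        pkts.append(Packet("198.51.100.9", 40000 + port, "203.0.113.20", port, "tcp", "A"))
    # Half scan: 6 SYNs to high ports, never acknowledged.
    for port in range(3000, 3006):
        pkts.append(Packet("198.51.100.11", 41000, "203.0.113.21", port, "tcp", "S"))
    return pkts
```

The example evaluates one capture as a whole; a live detector would also age the counters out over a time window.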

DNS attack types
The DNS server that holds the company's public domain has been moved to the DMZ area. This DNS server is one DNS server within the global DNS system, and the upper-level DNS server has an NS record configured to point at the DNS server's public IP. To have a DNS server in the DMZ hold the public domain name, we have to:

Register the domain name.
Register an NS record pointing to a real, static IP address on a server running the DNS service, with a zone whose name matches the domain name we registered.

Figure: We register the public domain name, but the NS record points to the DNS server with a public IP in the DMZ network.

The DNS server in the DMZ is protected by ISA Server, which reports if this DNS server is attacked. To configure IDS for DNS attacks:
Open the ISA Server Management Console and go to Configuration, then General.

Figure: Configuring DNS attack alerting in the ISA Server Management Console.

Click Enable Intrusion Detection and DNS Attack Detection.

Figure: DNS attack alerting is part of the IDS feature of ISA Server.

On the DNS Attacks tab, select Enable detection and filtering of DNS attacks.

Figure: DNS attack types are recorded by ISA Server when they occur.

Then select the following attack types:

DNS host name overflow. This attack sends a query to the DNS server with a host name longer than allowed (more than 64 characters in one level, or more than 254 characters for a whole DNS FQDN).
DNS length overflow. This error occurs if the DNS server replies with an IP address larger than 4 bytes (in the case where an octet is greater than 255).
DNS zone transfer. Any client on the Internet that tries to transfer a zone (as a secondary zone) is recorded. If clients are allowed to transfer the zone, a hacker can learn what the zone contains.
Click OK.
Click Apply to save the changes on ISA Server.
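
The three DNS checks above, applied to DNS wire-format messages. This is an added example, not ISA Server's filter code: it uses the RFC 1035 wire limits (63 octets per label, 255 per name), and the finding names and the sample message builders are constructed for the example.

```python
import struct

MAX_LABEL, MAX_NAME = 63, 255             # RFC 1035 limits, in octets on the wire
TYPE_A, TYPE_IXFR, TYPE_AXFR = 1, 251, 252


def read_name(msg, pos, findings):
    """Walk one (possibly compressed) name; return the offset just after it."""
    total, after, hops = 0, None, 0
    while True:
        length = msg[pos]                     # IndexError if the message is cut short
        if length & 0xC0 == 0xC0:             # compression pointer
            if after is None:
                after = pos + 2
            pos = ((length & 0x3F) << 8) | msg[pos + 1]
            hops += 1
            if hops > 32:
                raise ValueError("compression loop")
            continue
        if length > MAX_LABEL:                # over-long single label
            findings.add("dns-hostname-overflow")
        total += length + 1
        if total > MAX_NAME:                  # over-long whole name
            findings.add("dns-hostname-overflow")
        pos += length + 1
        if length == 0:
            return pos if after is None else after


def inspect(msg):
    """Return the set of findings for one DNS message (bytes)."""
    findings = set()
    try:
        _id, _flags, qdcount, ancount, _ns, _ar = struct.unpack_from("!6H", msg, 0)
        pos = 12
        for _ in range(qdcount):
            pos = read_name(msg, pos, findings)
            qtype, _qclass = struct.unpack_from("!2H", msg, pos)
            pos += 4
            if qtype in (TYPE_AXFR, TYPE_IXFR):
                findings.add("dns-zone-transfer")
        for _ in range(ancount):
            pos = read_name(msg, pos, findings)
            rtype, _rclass, _ttl, rdlength = struct.unpack_from("!2HIH", msg, pos)
            pos += 10
            if rtype == TYPE_A and rdlength > 4:   # an IPv4 address is 4 bytes
                findings.add("dns-length-overflow")
            pos += rdlength
    except (IndexError, struct.error, ValueError):
        findings.add("malformed")
    return findings


# Builders for constructed sample messages.
def encode_name(name):
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def query(name, qtype):
    header = struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!2H", qtype, 1)


def a_response(name, rdata):
    header = struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0)
    question = encode_name(name) + struct.pack("!2H", TYPE_A, 1)
    # 0xC00C points back at the question name at offset 12.
    answer = b"\xc0\x0c" + struct.pack("!2HIH", TYPE_A, 1, 300, len(rdata)) + rdata
    return header + question + answer
```
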

Configuring Log Dropped Packets
ISA Server can record the attack packets filtered out by the IDS so that readers can examine these packets later.
Open the ISA Server Management Console and go to Configuration, then General.

Figure: Configuring the retention of attack packets.

Click Enable Intrusion Detection and DNS Attack Detection.

Figure: Configuring logging of packets used in attacks.

Then select the option Log Dropped Packets on the Common Attacks tab.

Figure: The logging feature is turned on by default.

This function is in fact on by default when ISA Server is installed, but we can turn it off in order to increase performance.

27. Cu hnh tnh nng Flood Mitigation ca ISA Server 2006


FloodMitigationchophpnhquntrxemcccLogfilelinquann
nhngcuctncngbngMalicousCode(Virus,Trojan)voISAServer,hoc
cckiutncngtrnISAServerhocvoccServertrongvngDMZdoISA
Serverqunl.cuhnhcctnhnnglinquannFloodMitigationtrn
ISAServer2006chngtalmnhsau
VoISAServerManagementConsolevchnmcConfigurationGeneral

CuhnhtnhnngFloodMitigationtrongmcGeneraltrongISAServerManagementConsole.

ClickchnConfigureFloodMitigationSettings

Tiliu:PublishingbiVietCERTVietnamLABmikinnggpxingiv:260
Email:info@VietCERT.comPhone:0916721672Mr:TrnQucTon

ISA Server 2006

CuhnhFloodMitigationtrnISAServer2006

ymithcsltnhnngcamtFirewallmnhxngtmnhISAServer
2006.ISAServerschnccktnihocgitincnhngduhiutncngsau
y.VyltnhnngmichctrnISAServer2006

[Figure: Edit changes the threshold for each Flood Mitigation setting]

Mitigate flood attacks and worm propagation
Check this option to turn on detection of viruses and Trojans (collectively, malicious code).

Maximum TCP requests per minute, per IP address: Edit
ISA Server can counter floods based on the number of TCP connections made to ISA Server or to a host behind ISA Server. ISA Server can detect an intrusion when a Trojan or virus gets into the system.

Click Edit to set the number of connection-initiation requests (SYN packets) that can be accepted at one time from a single IP address. The default for all IP addresses is 600 connections. The exception case allows up to 6,000 for a given IP address.

Maximum concurrent TCP connections per IP address: Edit
Counters floods against ISA Server or a host in the DMZ based on the number of completed TCP connections to ISA Server or to a host in the DMZ.
Click Edit to adjust the number of connections; the default is 160. The exception case for an IP address is 400.
Note: the SYN packet is used to initiate a connection and is only one part of the three-way handshake. Only after the three-way handshake has completed (two SYN packets and one ACK packet) has a TCP connection actually been established.

Maximum half-open TCP connections: View
This is how ISA Server counters the SYN flood attack. In a SYN flood attack, an attacker on the Internet sends a stream of SYN packets to ISA Server from spoofed IP addresses in order to break the three-way handshake. As a result the server creates a large number of connections in the LISTENING state, which consumes resources on the server or firewall.
ISA Server configures this setting automatically, and the default value cannot be changed.

Maximum HTTP requests per minute per IP address: Edit
ISA Server uses this setting to counter DoS against the web server. In this kind of DoS attack, the attacker sends a stream of HTTP requests to the web server to exhaust its resources.
Click Edit to change the number of connections from each IP address to the web server; the default is 600. The exception case for each IP address is 6,000 HTTP requests.

Maximum new non-TCP sessions per minute per rule: Edit
An attacker can mount a DoS attack on a server in the DMZ using packets that are not TCP (ICMP, for example). In this kind of attack, the attacker sends a stream of non-TCP packets to a host in the DMZ. All non-TCP packets will be denied.

Click Edit to change the number of non-TCP connections to ISA Server or a DMZ server from a given IP address. The default is 1,000, and the Exception value for this kind of attack cannot be changed.

Maximum concurrent UDP sessions per IP address: Edit
ISA Server uses this setting to counter UDP flood attacks against a host in the DMZ. In this kind of attack, the attacker sends a stream of large UDP packets to the host to congest the network.
When a UDP flood occurs, ISA Server accepts no further UDP connections to the host; at that point the number of current UDP connections equals the limit set in ISA Server.
Click Edit to change the maximum number of UDP connections that can be made from one IP address. The default is 80. The exception case goes up to 400.

Specify how many denied packets trigger an alert: Edit
ISA Server raises an alert under Monitoring when the number of denied packets reaches the configured threshold. The threshold is counted across all IP addresses, not per individual IP address.
Click Edit to change the number of denied packets at which ISA Server raises an alert; we chose 2000 packets.

Log traffic blocked by flood mitigation settings

Select this option so that ISA Server records the flood attacks it detects. We recommend turning this feature on so that you can find out which IP address attacked ISA Server, and when, and respond in time; note that the feature uses more resources on ISA Server.
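The per-IP limit, the exception list and the denied-packet alert described above can be modelled in a few lines. This is an added example, not code from the original document or from ISA Server; the class and function names, the sliding one-minute window and the sample addresses are assumptions, and only the 600/6,000 limits and the 2000-packet alert value come from the text.

```python
from collections import defaultdict, deque

# (default limit, exception limit) per source IP, as quoted in the text for
# "Maximum TCP requests per minute, per IP address".
TCP_REQUESTS_PER_MINUTE = (600, 6000)
# Denied-packet count (all IPs combined) at which an alert is raised; the text picks 2000.
DENIED_PACKETS_ALERT = 2000


class FloodLimiter:
    """Simplified model of a per-IP, per-minute request limit (not ISA Server code)."""

    def __init__(self, limits, exception_ips=(), alert_after=DENIED_PACKETS_ALERT):
        self.default_limit, self.exception_limit = limits
        self.exception_ips = set(exception_ips)
        self.alert_after = alert_after
        self.accepted = defaultdict(deque)    # source IP -> timestamps of accepted requests
        self.denied_by_ip = defaultdict(int)  # what logging of blocked traffic would record
        self.denied_total = 0
        self.alert_raised_at = None           # timestamp of the first alert, if any

    def limit_for(self, ip):
        return self.exception_limit if ip in self.exception_ips else self.default_limit

    def request(self, ip, ts):
        """Return True if a connection request from ip at time ts (seconds) is accepted."""
        window = self.accepted[ip]
        while window and ts - window[0] >= 60.0:  # drop requests older than one minute
            window.popleft()
        if len(window) < self.limit_for(ip):
            window.append(ts)
            return True
        self.denied_by_ip[ip] += 1
        self.denied_total += 1
        # The alert threshold counts denied packets from all IPs together.
        if self.alert_raised_at is None and self.denied_total >= self.alert_after:
            self.alert_raised_at = ts
        return False

    def top_offenders(self, n=3):
        """Source IPs ordered by number of denied requests, highest first."""
        ranked = sorted(self.denied_by_ip.items(), key=lambda kv: kv[1], reverse=True)
        return ranked[:n]


def simulate():
    """Replay constructed traffic: one flooding host, one normal host, one exception host."""
    limiter = FloodLimiter(TCP_REQUESTS_PER_MINUTE, exception_ips={"192.0.2.50"})
    accepted = defaultdict(int)
    events = []
    # Constructed sample traffic (documentation address ranges), all within 30 seconds.
    events += [(i * 0.01, "198.51.100.7") for i in range(3000)]  # flooding host
    events += [(i * 0.3, "203.0.113.10") for i in range(100)]    # normal client
    events += [(i * 0.01, "192.0.2.50") for i in range(3000)]    # busy host on the exception list
    for ts, ip in sorted(events):
        if limiter.request(ip, ts):
            accepted[ip] += 1
    # One minute after its first accepted request, the flooding host gets a free slot again.
    recovered = limiter.request("198.51.100.7", 60.0)
    return limiter, dict(accepted), recovered


if __name__ == "__main__":
    limiter, accepted, recovered = simulate()
    print("accepted per IP:", accepted)
    print("denied per IP:  ", limiter.top_offenders())
    print("alert raised at t=%.2fs" % limiter.alert_raised_at)
    print("accepted again after the window slides:", recovered)
```

The same host that is cut off at 600 requests passes untouched once it is on the exception list, which is why that list should hold only hosts whose volume is expected.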

28. Enabling/disabling the IP security features


IP Fragment
IP packets larger than the normal size are split into pieces called fragment packets. Fragment packets can be a form of DoS attack, so the administrator can make ISA Server block them.
Open the ISA Server Management Console and select Configuration > General.

[Figure: Enabling/disabling the security features of ISA Server under General]

In the Content Pane, click Define IP Protection.

[Figure: Configuring the IP security features on ISA Server]

Select the IP Fragment tab and check Block IP Fragment.

[Figure: Blocking fragmented IP packets]

Click to accept the warning from ISA Server.

[Figure: ISA Server asks for confirmation before blocking fragmented packets]

Click OK.
Once this option is selected and the change is applied to ISA Server, it takes effect immediately.
Note: if ISA Server is joined to a domain and uses Kerberos V5 authentication (which uses UDP, and whose packets are frequently fragmented), authentication may fail because ISA Server blocks those packets along with all other fragments. Normally, however, ISA Server is not joined to a domain.

IP Options
Open the ISA Server Management Console and select Configuration > General.

[Figure: Configuring IP Options under General in the ISA Server Management Console]

Click IP Protection.

[Figure: Configuring the IP features]

Select the IP Options tab and check Enable IP Options Filtering.

[Figure: Allowing or denying packets that carry IP options]

Then select one of the following options:

Deny all packets with any IP option
Deny packets with the selected IP options
Deny packets with all except selected IP options
ISA Server drops packets carrying the options that match the selected setting.

IP Routing
By default ISA Server uses the routing feature to move packets between the networks defined on ISA Server. This routing feature can be turned off as follows.
Open the ISA Server Management Console and select Configuration > General.

[Figure: Configuring IP Routing on ISA Server]

Next select IP Preferences in the Content Pane.

[Figure: Configuring IP Routing on ISA Server]

Select the IP Routing tab and clear the Enable IP Routing check box.

[Figure: Enabling or disabling IP Routing on ISA Server]

Click OK.
Click Apply to apply the change to ISA Server.
Clearing this option reduces performance on ISA Server but increases security, because ISA Server no longer forwards the whole packet from the client to the outside; it sends only the data portion, with an IP header that belongs to ISA Server (the NAT mechanism).

CHAPTER V
Configuring Publishing with ISA Server 2006
ISA Server can be used as a boundary firewall protecting the entire network, or to protect only the DMZ that holds the servers to be published to the Internet. ISA Server is well suited to letting clients on the Internet (Internet users) reach servers in the DMZ or LAN through the Publishing Rule feature.


29. Configuring DNS for Publishing Rules
A Publishing Rule lets clients on the Internet connect to a web server, mail server or application server, using either a DNS name or a public IP address. When a server in the DMZ uses a private IP address we use a Publishing Rule; the protocol used in a Publishing Rule has the Inbound direction.
ISA Server makes a connection to the web server inside the DMZ. On the web server we configure host headers to name the sites on the IIS server. To reach these sites we must use the domain name, for example http://www.vietcert.com, where www.vietcert.com is the site's host header. We created several sites on the IIS server and named them www.vietcert.com, www.ictexpress.com and www.vietnamlab.com in turn.
In the DMZ network we place a DNS server that resolves names for the servers in the DMZ. This DNS server holds the zones for the DMZ. ISA Server is not configured to point directly at the DNS server in the DMZ; it points to the local DNS server, and the local DNS server acts as forwarder.
In the model below there is no DNS server in the DMZ network; the local DNS server resolves the public IP addresses of the servers in the DMZ network. ISA Server points directly at the DNS server in the local network, and the local DNS server holds the A (Host) records of the servers in the DMZ.

[Figure: Configuring DNS in the TCP/IP settings of ISA Server when using Publishing Rules]

For clients on the Internet to reach ISA Server (or the public IP address of a DMZ server), our company has to register the domain names vietcert.com, ictexpress.com and vietnamlab.com and configure Host records that point to ISA Server. In the first approach we configure the NS record to stay with the DNS server at the ISP (the provider). Alternatively we can configure the NS record to point to a DNS server with a public IP address placed in the DMZ network (the DMZ must then use public IP addresses); in this way we can move the DNS server into the company network.
Note: some ISPs do not let customers configure the NS record themselves to move the DNS server. In that case you must contact the domain name provider to have it moved. When you rent a domain you are given a Cpanel for configuring the NS record.

30. Creating a Web Publishing Rule


The web server in VietCERT's LAN is published to the Internet so that customers can consult VietCERT's CRM system, which was deployed for staff. Publishing to the Internet a site that is used locally is a fairly bold step, so we decided to use ISA Server to secure this HTTP path.
ISA Server can publish several sites at once on port 80, based on the domain names we choose. ISA Server 2006 provides a wizard that makes publishing very easy.
The web server in our LAN has the IP address 192.168.1.5 and runs two sites, vietcert.com and crm.vietcert.com; the latter is a separate site but runs on the same web server, 192.168.1.5.
Publish Multiple Web Sites
Open Firewall Policy.

[Figure: Using the Publishing Rule function under Firewall Policy]

In the Task Pane, select Publish Web Sites.

[Figure: Configuring a Publishing Rule with the Publish Web Site function in the ISA Server Task Pane]

The familiar wizard window follows; we name the rule Publish VietCERT.com.

[Figure: The rule name shows which site we want to publish]

Click Next.
Select Allow to let clients connect from the Internet. If Deny is selected, ISA Server blocks access to this web server when the rule's conditions match.

[Figure: Allowing users to reach this site from the Internet]

Click Next.
Select Publish Multiple Web Sites.

[Figure: ISA Server 2006 can publish several web sites in one wizard]

Click Next.
Next, add the sites you want to publish. ISA Server 2006 lets you publish several sites at once with a single wizard.

[Figure: Click ADD to add a web site to the wizard]

Click Add to add a site. The site www.vietcert.com will be published. ISA Server can connect to this web server over SSL only if we have successfully configured SSL for the site www.vietcert.com on server 192.168.1.5.

[Figure: Note: add only the first part of the site name, not the fully qualified domain name (FQDN)]

Click OK.
Click ADD to add one more address that we want to publish, crm.vietcert.com.

[Figure: We add the CRM web site of the VietCERT system]

Click OK.
Click Next.

[Figure: In this wizard we will publish two sites: www and crm]

Click Next to continue.
Type the domain name of the two sites above. For this domain name to be reachable from the Internet, we registered VietCERT.com with the international domain name system.

[Figure: The domain name shared by the two sites is vietcert.com. Publishing Multiple Web Sites can be used only if the sites share the same DNS suffix]

Click Next.
The next step is very important: creating a Web Listener tells ISA Server which port and which domain name to listen on, and the result is that requests are directed to the correct one of the two sites configured above.
Creating the Web Publishing Rule
Click New to add a Web Listener for ISA Server.

[Figure: Creating a Web Listener for ISA Server to listen for these 3 sites]

Click New.
We name the listener CRM Site.

[Figure: Configuring the Web Listener that listens for the two sites. Web Listener name]

Click Next.
At this point we do not yet use SSL to the clients, because no SSL certificate has been configured on ISA Server. Web publishing works here in bridging mode: ISA Server creates one connection to the published server and one connection to the client. All information is controlled by ISA Server.

[Figure: How the connection between ISA Server and the clients is secured; the reader can choose to secure it with HTTPS or use HTTP]

Click Next.
Configure which of its interfaces ISA Server listens on.

[Figure: Listening for web request traffic from Internet clients and directing it to the web server]

Click Next.
Next, configure the type of authentication for users from the Internet; we choose HTTP Authentication.

[Figure: Choosing the authentication type for the Web Listener; we use Basic Authentication with HTTP Authentication. A later section shows how to configure HTTPS to protect the username/password, which is sent as plain text over HTTP]

Click Next.
Single Sign On for the web is supported only if HTML Form Authentication is selected. Since we chose HTTP Authentication, the Single Sign On feature cannot be enabled.

[Figure: HTTP Authentication cannot take advantage of Single Sign On (SSO) with sites such as SharePoint Portal and CRM]

Click Next.
Review the configuration.

[Figure: Summary of the Web Listener creation on ISA Server]

Click Finish to complete the creation of the Web Listener, return to the wizard and select the Web Listener.

[Figure: Selecting the newly created Web Listener for the Publishing Rule wizard being configured]

Click Next.
Select the option No Delegation, but Clients may authenticate directly, which lets clients authenticate directly with the web server. On the web server, configure Basic Authentication.

[Figure: Selecting the Delegate Authentication function on ISA Server and the web server]

Click Next.
Everyone is allowed to reach VietCERT's CRM web site. To configure access by user group, use ADD to add a User Definition (one of the components of an Access Rule).

[Figure: Allowing everyone to reach this site, provided they have a username/password]

Click Next.
Review the configuration.

[Figure: Summary of the Publishing Rule creation on ISA Server]

Click Finish.
When the configuration is complete, ISA Server has created 2 rules. The icons of the 2 Publishing Rules are shown in Firewall Policy. Check the new rules by opening the Properties of each rule.

[Figure: Once created, Publishing Rules are managed in Firewall Policy]

Open the Properties of rule 1 and select the Public Names tab.

[Figure: Configuring the parameters of a Publishing Rule after creation, in the rule's Properties window]

Select the Bridging tab to see which protocol ISA Server uses to connect to the web server; it can be changed here.

[Figure: Configuring the port used to redirect to the web server. For HTTPS we use the default port, 443]

Click OK.
From the Internet, typing the address http://crm.vietcert.com takes us to machine 192.168.1.5 and to the correct site, crm.vietcert.com, on machine 192.168.1.5 in VietCERT's LAN.
For the name crm.vietcert.com to be reachable from the Internet, we must own the domain vietcert.com and configure a CNAME or Host record crm that points to the real IP address of ISA Server, 203.162.24.33.

31. Creating a Secure Web Publishing Rule


Configuring web publishing with HTTPS (HTTP + SSL)

32. Configuring a Server Publishing Rule


We will publish Remote Desktop on a server in the LAN, 192.168.1.5, to the Internet so that Mr. Thanh can administer this server remotely and, through it, connect to the other servers in the LAN. Publishing Rules are used only for servers with private IP addresses. For a public IP address we simply use an Access Rule whose source is External and whose destination is the public IP address of the server.

[Figure: A Server Publishing Rule is in fact the NAT mechanism on ISA Server. ISA Server uses port redirection together with the firewall's ability to filter application data]

Remote Desktop Protocol uses TCP port 3389. For common protocols ISA Server ships with Protocol Definitions that have the protocol and port predefined. RDP (Remote Desktop Protocol) Server, using TCP port 3389 inbound, is predefined by ISA Server, so we only need to create the Server Publishing Rule.
Open the ISA Server Management Console and select Firewall Policy.

[Figure: Configuring a Publishing Rule under Firewall Policy]

In the Task Pane, select Create Non-web Server Publishing Rule.

[Figure: Creating Publishing Rules that are not for web or mail servers. ISA Server 2006 also adds a wizard for publishing SharePoint Portal Server]

For the rule name, type Publish Remote Desktop Server.

[Figure: The rule name shows which type of server we are publishing]

Click Next.
For the server IP, type 192.168.1.5. This server is in the LAN and uses a private IP address, so we must use a Publishing Rule. When the Publishing Rule condition is met, ISA Server NATs the traffic inward to the private IP address.

[Figure: Our Remote Desktop server runs on server 192.168.1.5]

Click Next.
For the protocol, find Remote Desktop Server (RDP) in the list and select it; the protocol can be checked by clicking Properties.

[Figure: Selecting the Remote Desktop Server protocol that is predefined on ISA Server]

Select the Parameter tab.
Check that the protocol is TCP port 3389 and the direction is Inbound.

[Figure: The protocol's parameters on the Parameter tab. RDP uses TCP port 3389]

Click OK.
Click Next with Remote Desktop Protocol Server still selected.
Click Next.
Select the External network to tell ISA Server to listen for RDP from the Internet (the ISA Server interfaces connected to the Internet).

[Figure: Listening for Remote Desktop on the External interface, meaning users can reach this server only from the Internet]

Click Next.
Review the configuration: we have ISA Server listen on the External interface (interfaces that are in neither Internal nor DMZ are External) and NAT this traffic to server 192.168.1.5, which has the Remote Desktop service enabled.

[Figure: Summary of the Publishing Rule configuration]

Click Finish.
Click Apply to accept the changes on ISA Server; you may have to restart the ISA Server 2006 services.
After the Publishing Rule has been created, we check the protocol again in the Properties window.

[Figure: Once configured, the Remote Desktop rule is shown in Firewall Policy]

Select the To tab.

[Figure: Configuring the behaviour of the Publishing Rule on ISA Server]

We keep the ISA Server default option, Request appear to come from the original Clients. This option lets us monitor where traffic comes from and know the source IP address of the machine making each service request. If the option Requests appear to come from the ISA Server computer is selected, monitoring on the web server or mail server is lost; in general, the published servers cannot tell which source IP address a request comes from and see only the IP address of ISA Server.
Click OK to return to the ISA Management Console.
Note: it is enough to start the ISA Server Control Job service; Windows automatically restarts the related ISA Server services.
From a client with the public address 210.245.22.91 on a different line, connect to the public IP address of ISA Server 2006 (203.162.23.33). We do not connect directly to the private IP address of the Remote Desktop server, 192.168.1.5; we must connect to the public IP address of ISA Server, and ISA Server then creates a connection to the Remote Desktop server. On the Remote Desktop server we can see only ISA Server (its internal IP address) as the source IP.
The connection to the Remote Desktop server succeeds, but the IP address shown in the Remote Desktop bar is the public IP address of ISA Server, 203.162.23.33.

33. Publishing multimedia servers


Inside VietCERT's LAN there is a server holding streaming-media video, which the web server in VietCERT's DMZ is allowed to access. Streaming media uses the MMS protocol, which lets viewers watch video online without downloading the whole WMV or WMA file.
VietCERT's MMS server has the IP address 192.168.1.5 in the LAN, and we allow only the web server at address 203.162.23.34 to access it.
We use a Publishing Rule with MMS Server as the port and, in particular, must configure From Network as a Computer whose value is the address 203.162.23.34.

[Figure: Only the DMZ server is allowed to reach the server in the LAN; users or servers on the Internet cannot reach the LAN with streaming media]

Open Firewall Policy.

[Figure: Configuring a Publishing Rule in Firewall Policy]

In the Task Pane, select Create Non-web Server Publishing Rule.

[Figure: Configuring a Publishing Rule from the Task Pane]

For the rule name, type Publish MMS Server to DMZ.

[Figure: The rule name shows which server we want to publish and to which zone]

Click Next.
For the server IP, type 192.168.1.5. This server is in the LAN and uses a private IP address, so we must use a Publishing Rule. When the Publishing Rule condition is met, ISA Server NATs the traffic inward to the private IP address.

[Figure: Our streaming media server is at 192.168.1.5 in the LAN. The address is private, so we need the Publishing Rule feature]

Click Next.
For the protocol, find MMS Server in the list and select it; the protocol can be checked by clicking Properties.

[Figure: Selecting the MMS protocol that is predefined on ISA Server]

Select the Parameter tab.
An MMS server uses 2 connections: TCP carries the control parameters, and UDP carries the film or music content.

[Figure: Parameters for MMS Server. MMS Server uses both TCP and UDP, each on port 1755. ISA Server has a filter for MMS under Application Filter]

Click OK.
Click Next with MMS Server still selected.
Click Next.
Select the network that tells ISA Server to listen for the MMS server from 203.162.33.34 in the DMZ: we select DMZ Network, click Address, and select exactly the IP address 203.162.33.34 in the DMZ.

[Figure: Listening on the DMZ network; only DMZ network IP addresses can reach server 1.5 with the MMS protocol]

Click All IP Address on the ISA Server computer that are in the selected network to listen on the DMZ interface. We have not yet achieved the goal of listening only for computer 203.162.33.34; we will do that after the Publishing Rule has been configured.

[Figure: All IP addresses in the DMZ network can reach the MMS server at IP address 192.168.1.5]

Click OK to return to the wizard.
Click Next.
Review the configuration: we have ISA Server listen on the External interface (interfaces that are in neither Internal nor DMZ are External) and NAT this traffic to server 192.168.1.5, which runs Microsoft's streaming media service.

[Figure: Summary of the Publishing Rule configuration for the MMS server]

Click Finish.
Right-click the newly created rule and select Properties; we continue by configuring From Network as DMZ, but restricted to exactly the IP address 203.162.33.34.

[Figure: Configuring the Publishing Rule parameters and reconfiguring the From section so that only one specific server may reach the MMS server at 192.168.1.5]

Click Remove to remove Anywhere, then click ADD to add a Computer with the IP address 203.162.33.34.

[Figure: Creating a Computer object to attach to the Publishing Rule]

We name the computer DMZ Web Server, with the IP address 203.162.33.34.

[Figure: The computer's display name is DMZ Web Server, with the IP address of this server in the DMZ network]

Click OK to create the Computer, then double-click the newly created Computer to add it to the From section.

[Figure: Double-click to add this object to the Publishing Rule]

Check the From content just configured.

[Figure: Only this server is allowed to reach the MMS server at IP address 192.168.1.5]

Click OK.
Click Apply to accept the changes on ISA Server; you may have to restart the ISA Server 2006 services.

CHAPTER VI
Combining ISA Server 2006 and Exchange Server 2003
This chapter uses the Publishing, Access Rule and Security features of ISA Server 2006 to protect an Exchange Server 2003 system inside the DMZ. The labs in this chapter show the reader how well ISA Server 2006 and Exchange Server 2003 work together.


34. General model
The exercises in this chapter concentrate on configuring Publishing Rules on ISA Server so that users on the Internet can reach Exchange Server. We do not place the Exchange mail server in the LAN, but because of the nature of the exercise we temporarily put the mail server in the Internet network zone in order to carry out the Publishing Rule.
If the mail server sits in the DMZ with a public IP address, the Publishing Rule feature is not needed; configure an Access Rule instead so that users go directly from the Internet to the DMZ network, with the traffic direction Outbound.
In the LAN we have 2 servers: 192.168.1.4 runs the Exchange 2003 mail server, and 192.168.1.5 runs the streaming media server hosting the video clips for the VietnamLab web site. We will carry out the exercises in turn, making the services on these servers available to users on the Internet.

[Figure: General model for the Publishing Rule exercises]

Configure routing and NAT with a Network Rule, and configure an Access Rule so that users can reach the Internet from the LAN as normal. From the Internet into the LAN, however, a Publishing Rule must be configured; in other words, reverse NAT by service port.
ISA Server comes with a good number of ports predefined in the incoming direction, marked by protocols whose names end in Server. We will use these built-in ISA Server protocols for publishing.

35. Configuring an SMTP Publishing Rule


A mail server in the DMZ can send mail directly to the mail server using SMTP on port 25. We will publish the SMTP server in the inbound direction to server 192.168.1.4. When publishing an SMTP server we can configure the SMTP Filter to filter the content of mail received from mail servers on the Internet.
Open Firewall Policy.

[Figure: Using Firewall Policy to configure a Publishing Rule]

In the Task Pane, select Publish Mail Servers.

[Figure: Publish Mail Servers is a built-in ISA Server wizard that makes a mail server in the LAN available to the Internet through NAT]

For the name, we type Publish Mail Server non-Secure SMTP.

[Figure: Publishing an SMTP mail server with the ISA Server wizard]

Click Next.
Next select Server to Server communication: SMTP, NNTP.

[Figure: Selecting the wizard option that configures interaction from mail servers on the Internet to the local Exchange mail server at 192.168.1.4, making mail available online]

Click Next.
Select the SMTP Server protocol to be published.

[Figure: Selecting the SMTP Server protocol lets mail servers on the Internet send mail directly to our Exchange server]

Click Next.
Specify the IP address of the mail server running Exchange 2003, 192.168.1.4.

[Figure: The IP address of the Exchange mail server, 192.168.1.4]

Click Next.
We have ISA Server listen on 2 interfaces, DMZ and Internet. If a customer's mail server needs to send mail to our company, it only needs a public IP address to be allowed to send to the mail server.

[Figure: Configuring ISA Server to listen on the External and DMZ networks for SMTP traffic from the Internet]

Click Next.
Review the configuration.

[Figure: Reviewing the configuration after completing the wizard steps]

Click Finish.
After the rule is created, one more rule appears in the ISA Server Firewall Policy.

[Figure: Publishing Rules are in fact stored in Firewall Policy together with Access Rules. A Publishing Rule is just a variant of an Access Rule]

36. Configuring SMTP Filtering


ISA Server provides SMTP Filtering to counter SMTP-based attacks from the Internet. An attacker can attempt a buffer overflow by sending SMTP commands that are longer than normal. ISA Server prevents this by limiting the length of SMTP commands. By default the SMTP Filter is enabled on ISA Server, with lengths predefined for the necessary SMTP commands.
The reader can enable or disable the SMTP Filter under Add-ins in the ISA Server Management Console.
In ISA Server, select Add-ins.

[Figure: Enabling and configuring the SMTP Filter under Application Filter in the Add-ins section of the ISA Server Management Console on Windows 2003]

Select the Application Filter tab and enable SMTP Filter.

[Figure: Enabling the SMTP Filter to counter buffer overflow attacks]

Configure the lengths for SMTP commands. In fact this section is meant mainly to introduce the SMTP Filter to the reader: the feature is enabled by default on ISA Server 2006 and applies to incoming SMTP traffic (both the SMTP and SMTP Server protocols).
To configure the length of an SMTP command, select the command and click EDIT.

[Figure: Changing the length of an SMTP command. 266 is the maximum length of the RCPT TO: command, which carries the recipient's e-mail address. An attacker can send a command longer than 266 to cause a fault in the system]

Click Edit.
The reader can test this by setting the value 266 lower than the length of all the addresses in the TO field; the mail is then blocked at ISA Server.

[Figure: The administrator can change the maximum length for the RCPT command]

Click OK.

ISA Server 2006 also has an additional feature, a tool that may or may not be installed, called Message Screener.
For more on Message Screener, see
http://www.microsoft.com/technet/isa/2004/help/FW_SMTPFilterAbout.mspx?mfr=true
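The command-length check described in this section can be sketched as follows. This is an added example, not code from the original document or from ISA Server; the function names, the sample session and every limit except the 266 bytes for RCPT TO are assumptions, and the lengths are measured on the command line without its CRLF.

```python
# Maximum command-line length per SMTP verb, in bytes, not counting CRLF.
# Only the RCPT TO value (266) is taken from the text; the others are assumed.
MAX_LENGTH = {
    "RCPT TO": 266,
    "MAIL FROM": 266,  # assumed
    "HELO": 71,        # assumed
    "EHLO": 71,        # assumed
    "DATA": 6,         # assumed
    "QUIT": 6,         # assumed
}
# Fallback for other verbs: RFC 5321 allows 512 octets per command line including CRLF.
DEFAULT_LIMIT = 510


def command_verb(line):
    """Return the SMTP verb of a client command line, upper-cased."""
    upper = line.upper()
    for verb in ("MAIL FROM", "RCPT TO"):  # two-word verbs end at the colon
        if upper.startswith(verb + ":"):
            return verb
    return upper.split(" ", 1)[0]


def screen_session(lines):
    """Return (line number, verb, length, limit) for every over-long command.

    Lines between DATA and the terminating "." are message content, not
    commands, so the command limits are not applied to them.
    """
    violations = []
    in_data = False
    for number, raw in enumerate(lines, start=1):
        line = raw.rstrip("\r\n")
        if in_data:
            if line == ".":  # a single dot ends the message body
                in_data = False
            continue
        verb = command_verb(line)
        limit = MAX_LENGTH.get(verb, DEFAULT_LIMIT)
        if len(line) > limit:
            violations.append((number, verb, len(line), limit))
        elif verb == "DATA":
            in_data = True
    return violations


def sample_session():
    """Constructed client-side SMTP lines; line 4 carries an oversized RCPT TO."""
    return [
        "EHLO mail.example.net\r\n",
        "MAIL FROM:<alice@example.net>\r\n",
        "RCPT TO:<bob@example.com>\r\n",
        "RCPT TO:<" + "a" * 300 + "@example.com>\r\n",
        "DATA\r\n",
        "Subject: test\r\n",
        "RCPT TO:" + "x" * 400 + "\r\n",  # message body, not a command
        ".\r\n",
        "QUIT\r\n",
    ]


if __name__ == "__main__":
    for number, verb, length, limit in screen_session(sample_session()):
        print("line %d: %s is %d bytes, limit %d" % (number, verb, length, limit))
```

Lowering the RCPT TO entry, as the text suggests for testing, makes ordinary recipients trip the check as well.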

37. Configuring an OWA Publishing Rule


Outlook Web Access is included with Exchange Server and lets users check mail and public folders over HTTP directly in their web browser. The browser only needs to support Java, and most browsers today do.
To reach the Exchange web site inside the LAN, just type http://IPofServer/exchange, where IPofServer is the IP address of the Exchange server in the LAN, and type http://IPofServer/public to reach the public folders on the Exchange server.

Users connect to the Exchange server from the Internet through ISA Server. The Exchange server has a private IP address, so ISA Server must perform port-based NAT inward. On ISA Server this NAT feature goes by another name, the Publishing Rule.
ISA Server has a dedicated function for publishing OWA on Microsoft Exchange Server 2003. The ISA Server publishing wizard for OWA supports form-based authentication, which protects users who cannot use Microsoft Outlook 2003 to check mail and have to use OWA from an unsafe place such as a public Internet service.
Using the Publish Secure Web Site wizard on ISA Server
Open Firewall Policy in ISA Server.
Select Publish Exchange Web Clients Access in the Task Pane.

[Figure: Using Publish Exchange Web Clients Access to make the OWA site available to users on the Internet. Requests from clients are received by ISA Server and forwarded to the Exchange server]

We name the rule Publishing OWA on 192.168.1.4.

[Figure: The rule name Publishing OWA on 192.168.1.4 tells us what the rule does. A rule name should tell the user what the rule does without having to open its properties]

Click Next.
Specify that the Exchange version on machine 192.168.1.4 is Exchange Server 2003. The only protocol we want to publish in this exercise is OWA, so select Outlook Web Access.

[Figure: Selecting the Exchange Server version and the protocol to publish to the Internet. We select OWA to publish the OWA web site on the Exchange server]

Click Next.
Next select the single web site form, because we use only one IP address, 192.168.1.4, for the Exchange server.

[Figure: We publish only one site on the Exchange server, so we select the option Publish a single web site or load balancer]

Click Next.
We connect ISA Server 2006 to the web server on the Exchange server using HTTPS. For HTTPS to work, a Certificate Authority server must also be set up to issue a certificate to the web server on Exchange. We use this option to protect the traffic from ISA Server to the Exchange server.

[Figure: Selecting the type of connection between the Exchange server and ISA Server. ISA Server acts as a client of the Exchange server, and we choose SSL-secured traffic inside the LAN]

Click Next.
Enter the name of the web site on the Exchange server for which HTTPS is configured. The site name must be Mail.VietCERT.com, because the Common Name we declared on the certificate issued to this site is Mail.VietCERT.com.

[Figure: The domain name used when ISA Server connects to the Exchange server. Mail.VietCERT.com is the Common Name we declared for the Exchange server web site when configuring HTTPS, so mail.vietcert.com must be used to reach this site]

Click Next.
Enter the public domain name registered with the international domain name system. Only requests that reach ISA Server under exactly this public domain name are directed to the Exchange server at 192.168.1.4.
The public domain name we use for this site is webmail.vietcert.com.

[Figure: Configuring the web site on ISA Server to allow OWA to be published]

Click Next.
Configure the Web Listener that ISA Server uses to publish OWA to the Internet.
We will configure SSL on ISA Server so that users must use HTTPS to reach the OWA site through ISA Server. The Web Listener we create on ISA Server listens on port 443, HTTP with SSL.
Click New.

[Figure: The reader must configure an additional Web Listener for OWA with HTTPS]

Note: to configure an SSL Web Listener, ISA Server must have a server certificate with which to authenticate to clients and set up a secure tunnel to them. All traffic in this tunnel is encrypted with a key created by the client and server through a key exchange. This key is changed continually, every 15 minutes.
Enter SSL Web Listener as the listener name.

[Figure: Name for the Web Listener with a certificate]

Click Next.
Select the type of connection between the listener and the clients. We require users to connect to ISA Server over HTTPS, so ISA Server must have a certificate with which to authenticate to users.

[Figure: How ISA Server and the clients connect. OWA must be protected, so HTTPS has to be configured for this connection]

Click Next.
This listener listens for HTTP traffic from clients on the Internet and in the DMZ network.
Select the 2 networks DMZ Network and External.

[Figure: Listening on the DMZ network and the Internet]

Click Next.
The next step tells ISA Server which certificate to use to authenticate to clients. To do this, the reader must export the certificate from the web server configured in exercise xxx and bring it into ISA Server. ISA Server then represents the web server to the clients and performs authentication on its behalf. For the reader's convenience, this section repeats how to export the certificate from the web server and import it into ISA Server.

Exporting the server certificate from the web server and importing it into ISA Server
On the web server, use the Certificates snap-in to export the web server's certificate to a file.
VoRUNchyMMCnpCertificatesSnapin

PublishingBy:VietCERT.com,VietnamLAB.com,ICTExpress.com

327

Telecom Network Solutions

KhingMMCbngRUN

ClickOK
VoMMCvADDthmSnapinCertificates

ThmSnapinCertificatequnlCertificatestrnmytnh

ClickADD
VchnComputerAccount
ClickNext

Tiliu:PublishingbiVietCERTVietnamLABmikinnggpxingiv:328
Email:info@VietCERT.comPhone:0916721672Mr:TrnQucTon

ISA Server 2006

LaiCertificatesdngchoWebServerslComputerAccountCertificae

ChnmcLocalAccountqunlAccounttrnLocalComputercaWeb
Server.

KtnivoLocalComputerqunlccCertificatetComputerny

ClickchnmcPersonaltrongSnapinCertificates,chntipFolderCertificates
vtmCertificatewww.hocmang.comcpchotrangWebhocmang.com.
ClickphichnExportxutCertificatenyvchunbImportvoISAServer.

PublishingBy:VietCERT.com,VietnamLAB.com,ICTExpress.com

329

Telecom Network Solutions

SdngWizardExportxutCertificatethnhfile

ClickNext
ClickYes,exporttheprivatekeyvphicPrivateKeytrongCertificatecpcho
WebServervschuynchoISAServer.ClientsssdngPublicKeyca
Cerficatek

XutlunphnPrivateKeysdnggiimphnKeycmhaviPublicKeytClient

ClickNext
VchnlaiCertificatesdngl.PFXbntrongcchaPrivateKey.Chngti
sdngStrongEncryptionbovPrivateKeybntrongtptinny.


The PFX file type is used to hold the private key and is encrypted

Click Next
Set a password to encrypt this file.

Setting the password that encrypts the contents of the PFX file

Click Next
The file name we export to is hocmang.cer


Exporting the certificate to the file hocmang.cer.pfx

Click Next
Click Finish
The Web Server reports that the export succeeded.

The certificate export succeeded

Importing the certificate into ISA Server
On ISA Server, after copying over the hocmang.cer file exported from the Web Server, we double-click this certificate to import it into ISA Server.
Double-click the file hocmang.cer.pfx


Importing the certificate with its private key into ISA Server

Enter the same password that we used when exporting this file.

Entering the password to decrypt the certificate with its private key

Click Next
Use the Browse button to select Personal, then click OK.


Importing the certificate into the Personal store on the computer

Click Next
Click Finish
The import succeeded.

The import succeeded

Check the certificate under Personal in the Certificates snap-in of ISA Server (do this on ISA Server).


Checking the certificate under Personal on ISA Server

Continuing with publishing OWA
Click Select Server Certificate and choose the certificate that was issued to the Web Server and imported into ISA Server.
Click OK
Click Finish to complete the certificate selection.
Next, choose Form-based Authentication as the authentication type.
Click Next
Check the logon settings one last time.
Click Finish

38. Configuring the RPC Publishing Rule


Microsoft Outlook 2003 can connect to Exchange Server with the MAPI protocol; in other words, Microsoft Outlook 2003 can use RPC to interact with Exchange Server through the API that programs open to one another. RPC can be published with ISA Server, and ISA Server has ways to secure it, as we introduced at the beginning of the chapter.
Microsoft Outlook 2003 can use a Microsoft Exchange Server account from the Internet through the public IP address of ISA Server, 203.162.24.33.
Go to Firewall Policy


Configuring the publishing rule under Firewall Policy in the ISA Server Management Console.

In the Task Pane, choose Publish Mail Servers

Choose Publishing Mail Servers to allow users on the Internet to reach the Exchange mail server at 192.168.1.4 in VietCERT's LAN

For the Name of the wizard we type Publish Non Secure RPC


We name publishing rules following the convention Publishing plus a description of what the rule does

Click Next and choose Client access

Using the client publishing wizard to allow clients to connect to the Exchange Server in the LAN through NAT

Click Next
Next we select RPC for Microsoft Outlook 2003 to allow access from the Internet.


Choosing the protocols to publish. We choose RPC to allow Microsoft Outlook 2003 to connect to Exchange Server with MAPI; the mail connection is encrypted at this point.

Click Next
Specify the IP address of the Exchange Server 2003 in the LAN, 192.168.1.4

Specifying the IP address of the mail server in the LAN, which has the private IP address 192.168.1.4

Click Next


Have ISA Server listen on the Internet; traffic of this kind arriving from the Internet will be NATed to the internal Exchange Server at 192.168.1.4.

Listening for traffic from External on ISA Server. Clients connecting to Exchange Server from the Internet are forwarded by NAT to the internal Exchange Server at IP address 192.168.1.4.

Click Next and review the configuration. We will not click Apply, because RPC is not secure and is easily attacked by viruses such as Blaster and Sasser. Instead of configuring plain RPC across the Internet, we configure RPC over HTTPS, which uses SSL to encrypt the RPC content inside the HTTPS protocol.

39. Configuring a Publishing Rule for clients using POP3 and IMAP4


Clients on the Internet can reach the Exchange mail server in the internal network to fetch mail with the POP3 and IMAP4 protocols. The mail server is published through ISA Server, and clients connect to the public IP of ISA Server. On ISA Server, create a publishing rule that allows clients to connect inward. We can integrate anti-virus and anti-spam programs directly on ISA Server (SMTP Gateway) to secure the mail system.
On the clients, one more profile named Out of Office must be created for the user, so that the user can easily work outside the office and still connect to Exchange to fetch mail.
ISA Server has a built-in wizard for configuring the IMAP4 and POP3 publishing rule.
Go to Firewall Policy

Using Firewall Policy to configure the publishing rule

Choose Publishing Mail Servers in the Task Pane

Publishing the mail server with ISA Server's built-in wizard.

For the Name we enter Mail Clients POP3 IMAP4


A rule name that shows what the rule does makes ISA Server easier to manage

Click Next
Choose Client access: RPC, IMAP, POP3, SMTP

Choosing Client Access to continue the wizard that publishes protocols for clients

Click Next
Next, select the client types POP3, IMAP4 and SMTP. SMTP is required so that clients can send mail through Exchange Server.


We select only POP3, IMAP4 and SMTP for clients connecting from the Internet.

Click Next
Specify the IP address of the mail server in use in the LAN. Our Exchange Server 2003 uses the IP address 192.168.1.4.

Forwarding this traffic to the Exchange mail server at IP address 192.168.1.4

Click Next


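Choose to listen on the Internet. Users arriving from the Internet on the POP3, IMAP4 and SMTP ports are forwarded to the internal mail server 192.168.1.4. This applies only when clients enter the IP address of ISA Server itself. If clients enter the public IP address of a mail server in the DMZ directly, the traffic is routed straight to that DMZ mail server and does not go through ISA Server's publishing rule.

Listening for this traffic on the Internet interface

Click Next
Review the configuration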


Summary of the publishing rule configuration

Click Finish
Configuring Microsoft Outlook 2003 to use POP3/SMTP
Next, configure Microsoft Outlook 2003: create a profile named Out of Office and configure POP3 or IMAP4 for the user.
Microsoft Outlook 2003 is part of Microsoft Office 2003 Professional.
Configure Microsoft Outlook 2003 with the Mail applet in Control Panel on the client computers.


Configuring the Microsoft Outlook profile with the Mail function in Control Panel

Create a new profile named Out of Office

Choosing to show the profiles that currently exist on the computer

Click Add to add a new profile


Click Add to create a new profile on the computer

Type Out of Office as the profile name

Setting the profile name for the new profile

Click OK
Choose the option Add a New Email Account to define an additional account for Microsoft Outlook 2003


Creating an additional account for the new profile

Click Next; we have the user use POP3 when away from the office.

Choosing POP3 as the type of connection to the mail server

Click Next


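Enter the mail server settings. The mail server must be entered as the public IP address of ISA Server. On ISA Server we have already configured the publishing rule that forwards this traffic to the internal server 192.168.1.4.

Entering the connection details for the mail server: user name, password and the address of the mail server (for both POP3 and SMTP)

Click Next
Click Finish
The user Quốc Toản can use this profile when connecting from the Internet to check mail on the internal mail server at 192.168.1.4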


CHAPTER VII
Using the filters on ISA Server 2006
Advanced Filters and Web Filters let the administrator filter content deep inside the packets that pass through ISA Server 2006. In addition, in this filter layer Microsoft lets programmers write their own external modules that run integrated with ISA Server 2006. The purpose of this feature is to integrate third-party applications into ISA Server 2006.



40. Understanding Application Filters on ISA Server 2006
Application Filters are the extension mechanism through which Microsoft lets third-party vendors develop applications that integrate with ISA Server. One of the vendors developing add-ins for ISA Server is GFI. See GFI at www.gfi.com. GFI's HTTP filtering support for ISA Server is quite good.

Figure: GFI WebMonitor, the most popular product used with ISA Server 2004/2006 to monitor HTTP and FTP and protect them against viruses

Internet access control & real-time monitoring of users' web activity
Companies must exercise some control over users' web browsing habits not only to ensure productive use of the Internet but also to safeguard users from adult sites and to ensure that downloads are virus free. The traditional full-blown web proxy filters are cumbersome to install/administer and expensive to buy, while log file analyzers are awkward to use and do not allow for real-time monitoring and blocking.

Virus scanning of downloads and real-time access control
GFI WebMonitor is a utility for Microsoft ISA Server that allows you to monitor the sites users are browsing and what files they are downloading in REAL-TIME. In addition it can block access to adult sites as well as performing anti-virus scanning on all downloads. GFI WebMonitor is the perfect solution to transparently exercise a degree of access control over users' browsing habits and ensure legal compliance in a manner that will not alienate your network users!
Web Filters let ISA Server control packet data at the application layer


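Using Application Filters to filter the content of application data sent through ISA Server. ISA Server works at the application-protocol level, so it can read application data at layer 7.

The Web application filter in particular is the most heavily used filter on application firewalls, because it deals with web traffic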


Web Filters filter all HTTP traffic passing through ISA Server and can change the content of HTTP packets. For HTTPS, ISA Server uses bridging to change HTTPS content.

In addition, Microsoft provides users and developers with the ISA Server SDK so that they can program their own extensions or modify ISA Server in their own direction. ISA Server add-ins can be enabled or disabled with the ISA Server Management Console under Add-ins.
Download the ISA Server SDK at
http://www.microsoft.com/downloads/details.aspx?FamilyID=16682c4f7645427997e49a0c73c5162e&DisplayLang=en

On ISA Server 2006 the Application Filters are located under Add-ins
Open the ISA Server Management Console
Choose Configuration, then Add-ins


Configuring Application Filters under Add-ins on ISA Server. Under Add-ins the reader can also add filters of their own, built with the ISA Server SDK toolkit.

Add-ins contains all the Application Filters of ISA Server 2006, in two parts: Application Filters and Web Filters
The Application Filters

ISA Server 2006 ships with quite a number of Application Filters for the corresponding applications.

Click the Web Filters tab to see the filters used for the Web


ISA Server keeps the Web Filters in a separate section because the Web requires quite a number of filter types and because web traffic is the traffic used most often.

We can enable or disable these add-ins by right-clicking and choosing Enable or Disable

Enabling or disabling a filter by right-clicking it and choosing Enable or Disable

Note the icon of the add-in, which shows whether it is enabled or disabled


The state shown for each Application or Web Filter tells whether it is enabled or disabled.

41. Configuring the HTTP Web Filter


By default, all traffic that passes through ISA Server with the HTTP protocol is handled by an application filter in ISA Server. The filter is named Web Proxy Filter. This filter intercepts all web traffic and performs the Semi-NAT Web Server function. The client's IP address is still shown in the packet, but ISA Server has control over the content of the packet that is sent on.
Open the properties of the HTTP protocol to enable or disable the Web Proxy Filter
Open the ISA Server Management Console
Choose Firewall Policy

The HTTP filter is configured directly in an access rule. Access rules are configured in Firewall Policy.

Select the Toolbox tab in the Task Pane and find Protocols


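The HTTP filter is configured on the protocol definition. We do not configure the HTTP filter directly in the Web Filters set of ISA Server.

Select the protocol whose application filter is to be configured; we select HTTP
Open the properties of this protocol and note the Application Filters area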


The HTTP protocol definition has one application filter for the Web applied to it, the Web Proxy Filter. This filter provides the HTTP filter feature of ISA Server

HTTP is currently handled by the application filter named Web Proxy Filter. We cannot disable this filter on ISA Server, but we can unlink it from the HTTP protocol
Note: the Web Proxy Filter sometimes causes errors for web traffic, which can be fixed quickly by removing the Web Proxy Filter from the HTTP protocol. Uncheck Web Proxy Filter to remove this filter from the HTTP protocol.
The Web Proxy Filter allows configuration at the level of HTTP packets. Method commands and files transferred over HTTP can all be filtered with this filter. To configure the HTTP filter, we select the HTTP protocol in any access rule. We select the access rule Internet Access in Firewall Policy to configure the HTTP filter.


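Configuring the HTTP filter directly on any access rule that contains the HTTP protocol. Right-click and choose Protocols.

Click the HTTP Filter button

Any protocol that has the Web Proxy Filter applied gets the HTTP filter feature. An HTTP filter configuration applies to every protocol that has the Web Proxy Filter.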


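Block files with the extensions .EXE and .MSI from being downloaded over HTTP. Select the Extensions tab and add the two extensions above. Choose Block specified extensions (allow all others)

Configuring the HTTP filter so that files with an extension in the Executable Files category (files that can be run) cannot be downloaded

Click OK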
Note: whatever we configure in the HTTP filter is stored on the Web Proxy Filter and affects every other protocol of ISA Server that has the Web Proxy Filter applied. We can create an additional protocol, HTTP No Proxy, that lets clients go straight out to the Internet without their content being cached on ISA Server. This new protocol also uses TCP port 80 but does not apply the Web Proxy Filter.

The Web Proxy Filter can also block HTTP packets based on an HTTP signature


In a packet captured with Ethereal, the HTTP header is structured as shown above. The HTTP header and the signature are the parts that tell ISA Server what a packet contains and which browser is being used

Based on the header, signature, method or packet type of an HTTP packet, we can make ISA Server block or allow these kinds of packets. All of these features belong to the Web Proxy Filter.


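HTTP is an application protocol and therefore has a data structure of its own. HTTP, SMTP, FTP and POP3 are all application protocols. HTTP uses TCP port 80 to carry its packets

In the properties of HTTP Filtering we can configure the individual components of an HTTP packet.

The reader can also configure many other settings of the HTTP filter. The HTTP filter relies mainly on the content of the HTTP header.

Note: ISA Server can also filter on the body of an HTTP packet. With this feature enabled, ISA Server spends a great deal of resources on monitoring and analysis and becomes inefficient.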


Creating a new protocol for HTTP that does not apply the Web Proxy Filter
Open the ISA Server Management Console and choose Toolbox in the Task Pane
Click New Protocol

Adding a new protocol to ISA Server using the Toolbox tab in the Task Pane. Click the New menu and choose Protocol

For Name, type HTTP No Proxy


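The protocol name is what is displayed on ISA Server and in access rules. We can change the protocol name after configuration on the Properties tab.

Click Next
Under Primary Connection, click New

Click New to define the characteristics of the connection to be created.

Protocol: TCP
Port 80 to 80
Direction: Outbound

Telling ISA Server about the connection to be created: protocol type, direction of the data and port number used

Click OK to return to the wizard screen and check the connection just created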

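After configuring, we always check the configuration details again; this is quite important, because a mistake leads to a wrong configuration that does not follow the design.

Click Next
Click Next to skip the Secondary Connection configuration

We do not use a secondary connection for this protocol; if one is needed, we can create another protocol with the direction Inbound.

Review the configuration just made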


After configuring, always review what has been done, then click Finish to complete.

Click Finish
Open the properties of the protocol just created and note under Application Filters that we apply no filter of any kind to this protocol.

Once the protocol has been configured, we can open its properties to change the parameters

Check the Parameters tab


Checking under Application Filters: we have not applied any filter to this protocol. It uses port 80 but not the Web Proxy Filter

Traffic that uses this protocol is not affected by the Web Proxy Filter. For a protocol that does not have the Web Proxy Filter applied, the HTTP filter cannot be configured.

42. Configuring the FTP and SOCKS Application Filters


The Web Proxy only supports the TCP protocol on port 80, for Web or FTP. The FTP proxy can be switched on or off on ISA Server. We can configure ISA Server as a SOCKS server that acts as a proxy for any service. Clients must have Microsoft ISA Server Clients installed to be able to use the SOCKS feature on ISA Server.
Enabling the SOCKS Application Filter on ISA
Open the ISA Server Management Console
Choose Configuration, Add-ins
Right-click SOCKS and choose Enable.

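Enabling the SOCKS V4 Filter lets ISA Server use the SOCKS filter feature and filter applications that run over SOCKS, such as Firewall Clients.

On the clients of ISA Server, install the Microsoft ISA Server Clients program. Once it is installed, the clients interact with ISA Server using SOCKS traffic, and the content is encrypted in transit.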


A SOCKS application uses the firewall as its proxy server and sends all requests to the firewall. ISA Server can control the content of SOCKS applications.

For FTP traffic, ISA Server allows Read Only: all traffic that issues upload commands to an FTP server is not allowed, meaning that users can only GET files from FTP and cannot PUT files onto the FTP server.
Configuring the FTP filter
Go to a protocol that supports FTP and choose Configuring FTP Filter

The FTP filter can only be configured directly in an access rule that contains the FTP protocol.

Select the Protocols tab, then click Filtering


A rule that contains the FTP protocol can have the FTP filter configured.

Select the option Read Only

The FTP filter gives users Read Only rights on the FTP server, so that they cannot write files. This spares the administrator from worrying about information leaving the network when users transfer files to an FTP server.

Click OK
Click Apply to accept the changes on ISA Server

If clients inside the LAN use the FTP command line, they cannot run the command PUT filename
See the FTP command reference:
List of FTP commands for the Microsoft command-line FTP client
Command-line options
As you're starting the program from a DOS prompt:
ftp [-v] [-d] [-i] [-n] [-g] [-s:filename] [-a] [-w:windowsize] [computer]

-v  Suppresses verbose display of remote server responses.
-n  Suppresses auto-login upon initial connection.
-i  Turns off interactive prompting during multiple file transfers.
-d  Enables debugging, displaying all ftp commands passed between the client and server.
-g  Disables filename globbing, which permits the use of wildcard characters in local file and path names.
-s:filename  Specifies a text file containing ftp commands; the commands will automatically run after ftp starts. No spaces are allowed in this parameter. Use this switch instead of redirection (>).
-a  Use any local interface when binding data connection.
-w:windowsize  Overrides the default transfer buffer size of 4096.
computer  Specifies the computer name or IP address of the remote computer to connect to. The computer, if specified, must be the last parameter on the line.

Client commands
!  Runs the specified command on the local computer
?  Displays descriptions for ftp commands
append  Appends a local file to a file on the remote computer
ascii  Sets the file transfer type to ASCII, the default
bell  Toggles a bell to ring after each file transfer command is completed (default = OFF)
binary  Sets the file transfer type to binary
bye  Ends the FTP session and exits ftp
cd  Changes the working directory on the remote computer
close  Ends the FTP session and returns to the command interpreter
debug  Toggles debugging (default = OFF)
delete  Deletes a single file on a remote computer
dir  Displays a list of a remote directory's files and subdirectories
disconnect  Disconnects from the remote computer, retaining the ftp prompt
get  Copies a single remote file to the local computer
glob  Toggles filename globbing (wildcard characters) (default = ON)
hash  Toggles hash-sign (#) printing for each data block transferred (default = OFF)
help  Displays descriptions for ftp commands
lcd  Changes the working directory on the local computer
literal  Sends arguments, verbatim, to the remote FTP server
ls  Displays an abbreviated list of a remote directory's files and subdirectories
mdelete  Deletes one or more files on a remote computer
mdir  Displays a list of a remote directory's files and subdirectories
mget  Copies one or more remote files to the local computer
mkdir  Creates a remote directory
mls  Displays an abbreviated list of a remote directory's files and subdirectories
mput  Copies one or more local files to the remote computer
open  Connects to the specified FTP server
prompt  Toggles prompting (default = ON)
put  Copies a single local file to the remote computer
pwd  Displays the current directory on the remote computer (literally, print working directory)
quit  Ends the FTP session with the remote computer and exits ftp (same as bye)
quote  Sends arguments, verbatim, to the remote FTP server (same as literal)
recv  Copies a remote file to the local computer
remotehelp  Displays help for remote commands
rename  Renames remote files
rmdir  Deletes a remote directory
send  Copies a local file to the remote computer (same as put)
status  Displays the current status of FTP connections
trace  Toggles packet tracing (default = OFF)
type  Sets or displays the file transfer type (default = ASCII)
user  Specifies a user to the remote computer
verbose  Toggles verbose mode (default = ON)
Or use GUI FTP clients such as

Total Commander
CuteFTP
SmartFTP
Trial versions of these programs can be downloaded from www.tucows.com


CHAPTER VIII
Configuring VPN on ISA Server 2006
ISA Server is an application-layer firewall that lets the administrator examine the content of packets passing through ISA Server at the payload level (TCP header plus the content inside the packet). In addition, like other firewalls, ISA Server can be configured as a VPN server that allows remote clients to connect (Client to Site), or as a gateway that connects to a branch-office system (Site to Site). The VPN server at the branch is recommended to be an ISA Server 2006, but in practice ISA Server 2006 connects very well over VPN with VPN devices from other vendors.



43. Lab model
44. Configuring dynamic IP assignment for VPN clients
A client or VPN server that dials into ISA Server over VPN is given a private IP address to use inside the VPN tunnel. ISA Server and the clients use this IP address for routing over the VPN. The private IP can be obtained from a DHCP server or from the Routing and Remote Access service on Windows 2003.
ISA Server in fact uses Routing and Remote Access of Windows 2003 for VPN and routing; on top of that, ISA Server adds its own filtering and Application Filters to the product. Configuring routing and VPN on ISA Server is easier than in Routing and Remote Access because the web interface is easy to use.
Note: the administrator can change the web configuration interface of ISA Server through the web pages that ship with ISA Server.
The IP address pool defined on ISA Server is a range of IP addresses. ISA Server uses the first IP address for itself when the VPN feature is switched on. The following IP addresses are handed out to clients or VPN servers that dial into ISA Server over VPN.
This range of IP addresses must not share a network ID with any network of ISA Server or anywhere in the whole routing system. If networks share the same network ID, ISA Server and the routers cannot route because the destinations overlap. The same applies to two ISA Servers that connect to each other over VPN in the Site to Site model.
Configuring ISA Server to assign IP addresses to VPN clients
Open the ISA Server Management Console
Choose Virtual Private Network


VPN is configured under Virtual Private Networks

Choose item 3, Routing and Remote Access Properties
Select the Address Assignment tab

The address pool is the IP range handed out to clients that connect to ISA Server over VPN. Click Add to add the IP range to be assigned

Click Use Static Address Pool
Click Add to add an IP range to the pool
The IP range runs from 172.30.1.1 to 172.30.1.50 and supports 49 clients connecting to ISA Server over VPN.


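Configuring the IP range handed out to clients that connect to ISA Server over VPN

Click OK to return to the Properties window and check the IP range just added

Checking the IP range assigned to clients

Click OK
Clients that dial into ISA Server over VPN are assigned IP addresses from the range above; note that the first IP address is used by ISA Server. This IP range is used inside the VPN tunnel between the clients and ISA Server.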
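A check for the address-pool rule of this section, as an added example (not part of the original document): it verifies that a static VPN pool does not overlap any routed network and reports how many clients the pool serves once ISA Server has taken the first address. The pool and the Internal network 192.168.1.0/24 come from the text; the DMZ and branch-office prefixes are assumed values.

```python
import ipaddress

# Networks known to ISA Server and the routing system. Internal comes from the
# text; the other two prefixes are assumed for the example.
ROUTED_NETWORKS = {
    "Internal": "192.168.1.0/24",
    "DMZ (assumed)": "172.16.1.0/24",
    "Branch office (assumed)": "192.168.2.0/24",
}


def pool_blocks(first, last):
    """Cover the inclusive range first..last exactly with CIDR blocks."""
    return list(ipaddress.summarize_address_range(
        ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)))


def check_vpn_pool(first, last, routed_networks=ROUTED_NETWORKS):
    """Validate a static address pool against the networks that are routed."""
    blocks = pool_blocks(first, last)      # ValueError if last is below first
    size = sum(block.num_addresses for block in blocks)
    conflicts = []
    for name, cidr in routed_networks.items():
        network = ipaddress.IPv4Network(cidr)
        # Any shared address makes the destination ambiguous for routing.
        if any(block.overlaps(network) for block in blocks):
            conflicts.append((name, cidr))
    return {
        "server_address": first,           # first address is used by ISA Server itself
        "client_capacity": size - 1,       # remaining addresses go to VPN clients
        "conflicts": conflicts,
        "usable": not conflicts and size >= 2,
    }


if __name__ == "__main__":
    for first, last in [("172.30.1.1", "172.30.1.50"),
                        ("192.168.1.200", "192.168.1.250")]:
        print(first, last, check_vpn_pool(first, last))
```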

45. Configuring Authentication


Authentication on ISA Server supports the following authentication protocols


Table classifying the protocols used for authentication by a VPN server. These protocols apply to almost all kinds of firewall, including ISA Server 2006

MS-CHAP v2 can only be used by clients running Windows 2000 or later. If we want to connect Windows 9x to the system over VPN, MS-CHAP must be enabled as well.
Configure authentication on ISA Server by choosing item 3, VPN Properties, selecting the Authentication tab and ticking MS-CHAP.
Open the ISA Server Management Console and choose Virtual Private Network
Choose item 3, Remote Access Configuration



Continuing with Remote Access Configuration

Select the Authentication tab

We additionally enable MS-CHAP version 1 to allow legacy clients (Windows 9x) to connect to ISA Server over VPN.

Click OK
We do not use the other options. EAP-TLS, for example, requires a smart card before a VPN connection can be made. The smart card holds the user's certificate together with the private key used to authenticate the user. To use smart cards, our system must have smart card readers. At present, smart cards are not yet widely used in networks in Vietnam.

46. Configuring user accounts for VPN clients


User accounts on ISA Server can use Windows authentication, which uses the Windows accounts on ISA Server itself to authenticate users dialing into ISA Server over VPN.
Besides Windows authentication, ISA Server can use user accounts on an LDAP server or a RADIUS server.

Windows authentication uses a group: declare this group to ISA Server so that it knows that the user accounts in this group are allowed to dial into ISA Server over VPN.
Creating the group in Windows
Open COMPMGMT.MSC (Computer Management)

Opening Computer Management quickly with the snap-in COMPMGMT.MSC

Choose Local Users and Groups
Right-click Groups and choose New Group

Creating a new group in the local account database of ISA Server.

For Group Name, type VPN Clients


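Click Add while creating the group to add members to it. A member can be a local user, or a domain user if ISA Server has joined a domain (but we do not recommend using this feature)

Click Add to add a member to this group. We have already created a user account named VPN1/123abc!@# and add this user to the VPN Clients group.
Type the name VPN1 in the search box and click OK to add this user to the VPN Clients group

Click Advanced to search for the user, or type the user name directly if it is known. Click OK to add the user to the group

Click OK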


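Note that when creating the user account, the option User must change password at next logon should not be checked

You must turn off User must change password at next logon so that the user can connect easily. Users on VPN are far from the company and far from the system's support team, so using the system must be made as convenient as possible for them.

Declaring the VPN Clients group to ISA Server
Open the ISA Server Management Console
Choose Virtual Private Network
Click item 2, Windows Authentication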


Configuring ISA Server to authenticate with Windows users. Windows users can be local users or domain users. We do not join ISA Server to the domain, but a RADIUS server can help ISA Server authenticate with domain users.

Click Add

Click Add to add the group to Groups in the VPN settings

Type the group name VPN Clients in the search box and click OK. If the name is typed correctly, the VPN Clients group is added to ISA Server. This tells ISA Server which user accounts, namely those in this group, are allowed to dial into ISA Server over VPN.


Type the group name under Enter the object names to select. Press Check Names to verify that the name is correct. If the name becomes underlined, it is correct.

Click OK
Click OK
Clients connecting to ISA Server must authenticate as a user in this group. On ISA Server, the administrator only needs to add users to the VPN Clients group, or remove them from it, to manage access to the system over VPN.

47. Configuring VPN on ISA Server (Client to Gateway)


VPN on ISA Server is configured through Routing and Remote Access and relies on it entirely. Configuring VPN on ISA Server is almost automatic with the ISA Server wizards. Turning ISA Server into a VPN server takes five steps, but in the steps above we have already done some of them, such as IP assignment and user accounts, so what remains is to enable the VPN feature on ISA Server, check the network rules between VPN Clients and the other networks on ISA Server, and finally create an access rule that allows VPN clients to reach the other networks on ISA Server.
Enabling the ISA Server VPN function
Open the ISA Server Management Console
Click Virtual Private Network
Click item 1


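Finally, enabling the VPN Clients feature on ISA Server

Tick Enable VPN client access

Setting the maximum number of VPN tunnels that can be connected to ISA Server at the same time.

Click OK
Checking the network rules between VPN Clients and Internal/External
VPN Clients and Internal use the ROUTE relationship because both use private IP addresses. ISA Server defines this by default, so we need not configure anything more.
Go to Network Rules in the ISA Management Console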


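Configuring network rules under Networks in the ISA Management Console

Select the Network Rules tab and note that the rule VPN Clients to Internal Networks uses ROUTE

Select the Network Rules tab and note that VPN Clients to Internal Network uses ROUTE by default

VPN Clients and External use NAT to communicate with each other, because going out to the Internet requires a public IP. The private IP is NATed to a public IP to communicate with the Internet.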


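Configuring the network rules between the VPN network and the Internet

Select the Network Rules tab and look at the details of the rule that uses NAT

By default ISA Server 2006 also configures a rule so that VPN clients use NAT when accessing External

48. Creating and connecting VPN clients from Windows


On Windows XP, or on any client that is to connect to ISA Server over VPN, we must create the connection in Windows. A Client to Site VPN is used only by that client itself; the connection is not shared with other clients. Client to Site VPN mainly supports staff working at home or in other provinces and part-time or freelance workers who connect to the company without having to sit and work inside the LAN.
Windows XP manages network connections through Network Connections. To configure Windows XP for a VPN connection, we go to Network Connections and choose Add New Connection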

Using Network Connections in My Network Places to create a new connection

Select the option Connect to a Network at my workplace

Choosing the option Connect to the network at my workplace

Select Virtual Private Network Connection


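Creating a VPN connection on Windows XP to connect to the VPN server. We do this only on the user's computer, so that they can work from home and connect remotely to the company across the Internet.

Click Next
Company Name will be the name of the connection; we type VietCERT Co., Ltd

Naming the connection to be created on Windows XP. When users work at home, they must use this connection to reach resources in the workplace LAN

Click Next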

The destination is the public IP address of the VPN server or the DNS name that we created for the VPN server, vpnserver.vietcert.com. This domain name resolves to the real IP address of ISA Server.

IP address or host name of the VPN server

Click Next
Check the settings that have been configured

Creating a shortcut on the user's desktop for convenience at work

Select Add a shortcut to this connection to my desktop, for the user's convenience when connecting to VietCERT's corporate LAN.
Click Finish
Connecting Windows XP to ISA Server over VPN
Double-click the VietCERT VPN Connection icon just created

Once created, the VPN connection is also managed with Network Connections on Windows 2003

Enter the user name and password of an account in the VPN Clients group created on ISA Server. This user account serves only to establish the VPN connection to ISA Server; it is not used to access resources on the system. After connecting to ISA Server over VPN, the user carries on working with the user account they use every day in the domain.
Enter the user name and password vpn1/123abc!@#


Connecting Windows XP to the VPN server system on Windows 2003

Click Connect
If the connection succeeds, Windows shows a small window at the bottom, on the taskbar, giving the duration of the connection to the VietCERT network.

After a successful connection, the VPN connection is shown on the user's taskbar

In Network Connections, Windows shows it as in the following figure


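Network Connections in Windows also shows the current state of this connection: Connected

Note: to connect to ISA Server over VPN, the client must have an Internet connection over which it can reach the IP address of ISA Server. VPN traffic crossing the Internet is encrypted with IPSec Tunnel, PPTP or L2TP/IPSec.
Once connected to ISA Server over VPN, we are assigned an IP address for the VPN connection to ISA Server. From then on all traffic goes through ISA Server, including traffic going out to the Internet.
On the client, type the command ROUTE PRINT to see the client's routing table after the VPN connection has been established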


RoutingTabletrnClientssaukhiktnivoVPNServer.DefaultRouteschnVPNServerlm
Gateway,mitraffictClientslcnysiquaVPNServertrongVietCERTLAN.

ChdngDefaultRouteutinsdngGatewayl172.30.1.1.Gatewayny
squnlttcccktnirangaitVPNClientskcnhngktnira
Internet.NhquntrcthcuhnhRoutingtrnClientschoUserphn
lungdliunhsau:InternetibngLocalRoutercaUser,LANTraffici
voISAServerquangVPN.
SdnglnhRouteADD/RouteDELETEthayiRoutingTablecaClients.
ChngtasbDefaultRoutecaVPNvthayvobngmtDestinationca
LAN,DefaultroutessdngLocalRouterADSLcaUser
ROUTEDELETE0.0.0.0

XaDefaultRoutekhngchthngvoVPNServercaVietCERT

LnhnysxattcccDefaultRoutectrongRoutingTablehinti
VROUTEADD192.168.1.0MASK255.255.255.0172.30.1.2
ROUTEADD0.0.0.0MASK0.0.0.010.0.0.2

PublishingBy:VietCERT.com,VietnamLAB.com,ICTExpress.com

393

Telecom Network Solutions

ThayvolchDefaultRouteraGatewaylRouterADSLtigiacangidngvthmmt
EntryvoRoutingTablecaClientschophptruycpmngLAN

SdngLocalRouterlmDefaultGateway
KimtraliRoutingTablebngCommandROUTEPRINT
SdnglnhPATHPINGxemngicagitin
PATHPING192.168.1.2
KtqulgitinivoVPNTunnel

SdnglnhTracertkimtrangivomngLANtClientssaukhiktniVPN

PATHPINGwww.yahoo.com
KtqugitinibngLocalRouterADSLraInternet.

Tiliu:PublishingbiVietCERTVietnamLABmikinnggpxingiv:394
Email:info@VietCERT.comPhone:0916721672Mr:TrnQucTon

ISA Server 2006

SdngTracertkimtrangiInternet.Ktqunhmongi,InternetTrafficiqua
Gatewaytigiacangidng(RouterADSL)
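The effect of the three ROUTE commands above can be checked with a small longest-prefix-match model of the client's routing table. This is an added example, not part of the original document: the gateways and the 192.168.1.0 route come from the text, while the metrics, the ADSL default route present before the change, and the address 203.0.113.10 (standing in for an Internet host) are constructed.

```python
import ipaddress

# Gateways reached through the VPN tunnel (values from the text).
VPN_GATEWAYS = {"172.30.1.1", "172.30.1.2"}


def parse_route(dest, mask, gateway, metric=1):
    """Turn ROUTE ADD arguments into a routing-table entry."""
    prefix = bin(int(ipaddress.IPv4Address(mask))).count("1")
    return {"net": ipaddress.ip_network(f"{dest}/{prefix}"),
            "gw": gateway, "metric": metric}


def route_add(table, dest, mask, gateway, metric=1):
    return table + [parse_route(dest, mask, gateway, metric)]


def route_delete(table, dest):
    """ROUTE DELETE <dest>: drop every entry for that destination."""
    return [r for r in table if str(r["net"].network_address) != dest]


def next_hop(table, target):
    """Longest prefix wins; the lowest metric breaks ties."""
    addr = ipaddress.ip_address(target)
    matches = [r for r in table if addr in r["net"]]
    if not matches:
        return None
    best = max(matches, key=lambda r: (r["net"].prefixlen, -r["metric"]))
    return best["gw"]


def bypasses_isa(table, target):
    """True when traffic to target leaves without crossing the VPN / ISA Server."""
    hop = next_hop(table, target)
    return hop is not None and hop not in VPN_GATEWAYS


# Constructed table right after the VPN connects: the VPN default route
# (gateway from the text) outranks the ADSL router's default route.
CONNECTED = route_add([], "0.0.0.0", "0.0.0.0", "172.30.1.1", metric=1)
CONNECTED = route_add(CONNECTED, "0.0.0.0", "0.0.0.0", "10.0.0.2", metric=20)

# The three commands from the text, applied in order.
SPLIT = route_delete(CONNECTED, "0.0.0.0")
SPLIT = route_add(SPLIT, "192.168.1.0", "255.255.255.0", "172.30.1.2")
SPLIT = route_add(SPLIT, "0.0.0.0", "0.0.0.0", "10.0.0.2")

# Sai Gon LAN host, Ha Noi LAN host, constructed Internet host.
TARGETS = ("192.168.1.2", "192.168.2.100", "203.0.113.10")


def report(table):
    """Next hop chosen for each sample destination."""
    return {t: next_hop(table, t) for t in TARGETS}


if __name__ == "__main__":
    for name, table in (("connected", CONNECTED), ("split", SPLIT)):
        print(name, report(table))
        print("  bypassing ISA:", [t for t in TARGETS if bypasses_isa(table, t)])
```

After the change only 192.168.1.0/24 is routed into the tunnel: Internet traffic, and also the Hà Nội range 192.168.2.0/24, leaves through the ADSL router, so the ISA Server's firewall policy and logs no longer see it.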

49. Configuring Site-to-Site VPN with ISA Server 2006


Site-to-site VPN is very important when connecting several branch offices, and in practice a great many systems use site-to-site VPN to link their branches together.
VietCERT uses site-to-site VPN on ISA Server to connect its branch systems to each other, and uses ISA Server as the VPN server for clients connecting into the LAN. Configuring VPN on ISA Server has become very easy. Unlike ISA Server 2000, we do not need to import anything from either ISA Server (home or remote); we only need to configure one Remote Network on the ISA Server at each side. A network connected over VPN becomes a Network object on the ISA Server.
Configuring site-to-site VPN on any device must follow the principle known as the BINDING mechanism, described below

Create a demand-dial interface with a dial-out username and a dial-in username on the VPN server. The demand-dial interfaces are created on both VPN servers according to this rule:
DialOutUsername1 = InterfaceName2

Apply the BINDING mechanism correctly on both VPN servers to build the site-to-site VPN, following the rule: the dial-out username must match the interface name on the other VPN server.

We will create a VPN connection between two ISA Servers at the two branches, Sài Gòn and Hà Nội.

We do not create the demand-dial interface directly; instead, we create a Remote Network through ISA Server. This network is created on the ISA Server and contains the IP addresses of the clients at the Hà Nội branch that will be able to reach the ISA Server/Internal network once the VPN system is complete.
Open the ISA Server Management Console and select Virtual Private Network
In the Details pane, select the Remote Sites tab

Use the Remote Sites tab to create a VPN network for the ISA Server.

Click Create VPN Site to Site Connection in the Task pane

Creating a VPN network from the Task pane in the ISA Server Management Console.

Network Name: HaNoi. Note that this must be typed correctly, because the network name is the name of the demand-dial interface that will be created in Routing and Remote Access. The demand-dial interface binds correctly only if the username used to authenticate to the VPN server (the dial-in username) matches the name of this interface (that is, HaNoi). Because interface name = username, after configuring the Remote Network we must create a user account on the ISA Server and add it to the VPN Clients group. This user account has the username HaNoi and the password 123abc!@#. The ISA Server at the Hà Nội branch uses this account to authenticate when it dials in to the Sài Gòn ISA Server.

The network name is the name of the demand-dial interface that will be created in the Routing and Remote Access service. The interface name must exactly match the dial-in user account created on this VPN server.

Click Next and select PPTP Connection. We connect the two VietCERT branches with PPTP VPN. PPTP is not as secure as L2TP; once readers have PPTP working, we will show how to switch to an L2TP connection, which requires IPSec or a certificate.

Choose the type of VPN connection for this network. We choose PPTP by default so that devices other than ISA Server can also connect.

Click Next
Microsoft is very careful to remind the user to create an account with the same name as the network name being created. Click OK to continue; we will create the user account after finishing this wizard.

ISA Server warns the user, when the network name is configured, that there must be a username with the same name as the network so that the VPN server on the other side can use it to authenticate

Click OK
The IP addresses we declare are the range of IP addresses used at the Hà Nội branch for the ISA Server. The IP addresses entered here are added to the network named HaNoi on ISA Server 1 at the Sài Gòn branch.

IP address of the VPN server at the Hà Nội branch.

Click Next
Declare the user account used to authenticate when dialing the VPN to the ISA Server at the Hà Nội branch. This user account must have Dial-in enabled and must have the same name as the network name SaiGon on the ISA Server 2006 in Hà Nội, in order to satisfy the BINDING mechanism.

Declare the username and password used to authenticate to the Hà Nội branch. Saigon will be the interface name, also called the network name, on the Hà Nội VPN server.

Click Next
Configure the IP address range assigned to the HaNoi network. This range is the IP range of the LAN behind the ISA Server at the Hà Nội branch. The Sài Gòn ISA Server treats HaNoi as a network in its network definitions and applies it in rules like any ordinary network.

Click Add Range to add the IP range used in this VPN network. For the Sài Gòn ISA Server, the network ranges consist of the IP addresses of the LAN at the Hà Nội branch.

Click Add range.. to add the IP range to the wizard. The range we add is 192.168.2.0 - 192.168.2.255, the IP range used on the LAN at the Hà Nội branch.

The range 192.168.2.0 is the IP range used in the VietCERT Hà Nội LAN.

Click OK to return to the wizard
Check the IP range just added

Check the IP range again after adding it, and take particular care: a mistake here leads to incorrect routing and a failed VPN connection

Click Next
Select "I'll create a network rule later", because the system must be analyzed first in order to make the right decision.

Create the network rule yourself. ISA Server 2006 can create the network relationship with other networks, but we do not use the wizard for this

Click Next
Review what has been configured

Review the whole configuration; the Back button can be used to make changes

Note that the network name must match the username we create
Click Finish

Windows warns the user that the Routing and Remote Access service will be restarted automatically. ISA Server relies on this Windows service to run the VPN.

ISA Server 2004, like 2006, uses the Routing and Remote Access service as its VPN server

ISA Server 2006 improves on ISA 2004 in convenience and security. ISA Server 2006 is very careful to warn the user throughout the configuration process, and it reminds the user of what still needs to be done after this wizard has finished.

ISA Server tells the user what must be done next after completing the wizard

Next, create the user account named HaNoi on the ISA Server at the Sài Gòn branch
Open Computer Management (COMPMGMT.MSC)

Opening Computer Management with COMPMGMT.MSC

Select Local Users and Groups
Right-click Users and choose New User

Managing user accounts in the SAM file with the Computer Management tool

For the username enter HaNoi; for the password enter 123abc!@#

Create the user account with Computer Management and do not use the option "User must change password at next logon". That option should be used only for users who log on normally

Click OK
Go to Users under Local Users and Groups and open the properties of the user HaNoi

The user account properties, used to configure VPN and remote access features

Select the Dial-in tab
Select the option Allow Access

Select the Dial-in tab to allow VPN dial-in

Click OK

Configuring VPN on the Hà Nội ISA Server
Next, configure VPN on ISA Server 2 at the Hà Nội branch. The ISA Server at the Hà Nội branch uses the network name SaiGon, with an IP address range covering the clients in the Internal network of the Sài Gòn ISA Server.
Open the ISA Server Management Console at the Hà Nội branch
Click Virtual Private Network

On the Hà Nội ISA Server, we also use the Remote Sites tab to configure the VPN network

Click Create VPN Site to Site Connection

Creating the VPN network for the Hà Nội ISA Server from the Task pane

For the network name, enter SaiGon. The same caution applies as when configuring ISA Server 1 in Sài Gòn: the network name becomes the demand-dial interface created on ISA Server 2 in Hà Nội. If the network name is wrong, the interface name is wrong, and the VPN configuration fails and cannot bind.

The network name we create on the Hà Nội ISA Server is SaiGon, which represents the LAN in Sài Gòn

Click Next
The VPN protocol we configure here is PPTP, which has a built-in encryption mechanism for data sent across the Internet. After this exercise we will show how to configure the VPN with L2TP/IPSec

Choose the type of VPN connection; we use PPTP

Click Next

ISA Server again warns the user about creating an account with the same name as the network name just created

Click OK
Configure the IP address of the ISA Server at VietCERT's head office in Sài Gòn. When activated, this connection automatically connects to the VPN server at the address 203.162.24.33.

IP address of the VPN server at the Sài Gòn branch. This is the IP address of the external interface on the ISA Server

Click Next
Enter the username/password used to connect to the Sài Gòn ISA Server.

Declare the user account on the ISA Server at the Sài Gòn branch that the Hà Nội ISA Server can use to authenticate

Click Next

Click Add Range to add the IP range used for the SaiGon network

Add Range, to add the IP range of the LAN in use in the Sài Gòn system.

Declare the IP range in use in Sài Gòn: 192.168.1.0 - 192.168.1.255

The network range 192.168.1.0 is in use at VietCERT Sài Gòn

Click OK to return to the wizard
Check the IP range just configured; this range must not overlap the current IP network.

Check the network range again after adding it

Click Next

We will configure the network rule ourselves later, without using the wizard

Click Next; we will configure routing with a network rule.

We also do not use the wizard to configure the access policy. We will do this after finishing the wizard

Next, click Next again to skip configuring the access rule with the wizard; we will configure it manually so that readers can follow it more easily.

Check the configuration settings once more before clicking Finish

Review what has just been configured and click Finish. ISA Server then advises the user that a network rule and an access rule must also be configured before the two systems can communicate.

ISA Server reminds the user of the tasks still missing after the wizard

Click OK
After the VPN is configured, ISA Server creates a network named Sài Gòn, located under VPN Remote Sites.

Click Apply to accept the changes on the ISA Server

To understand this better, we invite readers to click Networks under Configuration and see how the SaiGon network was created

Checking the Sài Gòn network just created. SaiGon is now a network on the Hà Nội ISA Server with the IP range 192.168.1.0

This SaiGon network will be used in the rules configured on the Hà Nội ISA Server.

Next, configure the NETWORK RULE between the two networks we have just created.

At the Sài Gòn branch, on the ISA Server, we consider the relationships between the networks. The HaNoi network relates to Internal by ROUTE, so we create a network rule for Internal and HaNoi with the ROUTE relationship.

Rule Name       Source Network   Destination   Relationship
HaNoiInternal   HaNoi            Internal      ROUTE

Open the ISA Server Management Console and select Configuration
Then select Network Rules

Configuring network rules with the ISA Server Management Console.

Click Create a Network Rule in the Task pane

Creating a network rule from the Task pane

For the rule name, enter HaNoiInternal.

The network rule name is for display only and describes the nature of the rule

Click Next
For Source Network, click Add

Click Add to add the source network to the rule

Select Networks and double-click Internal

Select the Internal network as the source.

Click Close to return to the wizard
Check the network just added

For the source we only need to add Internal, without adding the Sài Gòn or Hà Nội network, because network rules work in both directions

Click Next
Next, add the destination network; click Add

Click Add to add the destination network to the rule

Select Networks and double-click HaNoi

Double-click to add the Hà Nội network to the rule

Click Close to return to the wizard and check the network just added
Click Next to define the relationship between these two networks. Both use private IP addresses, so the relationship is ROUTE.

The relationship between these two networks is ROUTE because both use private IP addresses

Click Next
Review the configuration and click Finish

Review the rule before clicking Finish

Check the result of the configuration

After configuration, a new rule appears in Network Rules

Next, create a network rule between Hà Nội and the DMZ network in Sài Gòn using the NAT relationship
The two networks use two different kinds of IP addresses, so their relationship is NAT

Rule Name   Source Network   Destination   Relationship
HaNoiDMZ    HaNoi            DMZ           NAT

Open the ISA Server Management Console and select Configuration
Then select Network Rules

Network rules manage the relationships between networks across the ISA Server

Click Create a Network Rule in the Task pane

Creating a network rule from the Task pane

For the rule name, enter HaNoiInternal.

The network rule name expresses the relationship between the networks

Click Next
For Source Network, click Add

Click Add to add a network to the rule's source

Select Networks and double-click the DMZ network

Select the DMZ network on the Sài Gòn ISA Server

Click Close to return to the wizard
Check the network just added

The DMZ network selected as the source

Click Next
Next, add the destination network; click Add

Add, to add a network to the destination

Select Networks and double-click HaNoi

The network we use is HaNoi

Click Close to return to the wizard and check the network just added

Traffic from the DMZ network of the Sài Gòn ISA Server to the Internal network of the Hà Nội ISA Server uses this rule

Click Next to define the relationship between these two networks. Both use private IP addresses, so the relationship is ROUTE.

These two networks relate to each other by NAT because they use different kinds of IP addresses

Click Next
Review the configuration and click Finish

Final check before clicking Finish

Check the result of the configuration

After configuration, the new rule appears on the Network Rules tab

On ISA Server 2 in Hà Nội, we create a NETWORK RULE between the SaiGon network and Internal using ROUTE

Rule Name        Source Network   Destination   Relationship
SaiGonInternal   SaiGon           Internal      ROUTE

Open the ISA Server Management Console and select Configuration
Then select Network Rules

Configuring the network rule from the Network Rules tab on the Hà Nội ISA Server

Click Create a Network Rule in the Task pane

Creating a network rule from the ISA Server Task pane

For the rule name, enter SaiGonInternal.

The name given to the rule

Click Next
For Source Network, click Add

Click Add to add a network to the rule

Select Networks and double-click Internal

Double-click Internal to add it to the rule

Click Close to return to the wizard
Check the network just added

The Internal network has been added to the rule

Click Next
Next, add the destination network; click Add

Click Add to add the destination network

Select Networks and double-click SaiGon

Double-click SaiGon to add it to the rule

Click Close to return to the wizard and check the network just added

The SaiGon network is the destination in the rule

Click Next to define the relationship between these two networks. Both use private IP addresses, so the relationship is ROUTE.

The relationship between these two networks is ROUTE because they use the same kind of IP addresses

Click Next
Review the configuration and click Finish

Final check before clicking Finish

Check the result of the configuration

Check the rule after configuring it with the wizard. Remember to click Apply to save the configuration

Configuring access rules for the two VPN networks
Finally, create an ACCESS RULE that defines which kinds of traffic the two ISA Servers may exchange. We configure access rules on both ISA Servers, in Sài Gòn and in Hà Nội, because access rules are not bidirectional. The source and the destination must each contain both networks for communication to work in both directions.

Configuration on ISA Server 1, Sài Gòn
We allow staff in Sài Gòn to connect to the Hà Nội branch to use shared resources and to access the web server located in Hà Nội
Source: Internal, HaNoi
Destination: Internal, HaNoi
Protocol: HTTP, NetBIOS Datagram
User: Everyone
Scheduler: Always
Content Type: All Content types

Rule Name     Protocol                 Source Network    Destination Network   Users       Notes
SaiGonHaNoi   HTTP, NetBIOS Datagram   Internal, HaNoi   Internal, HaNoi       All Users   Allows users from Sài Gòn to access Hà Nội and vice versa

Open the ISA Server Management Console
Select Firewall Policy

Configuring the access rule under Firewall Policy

In the Task pane, select Create New Access Rule

Creating an access rule from the Task pane

For the rule name, enter SaiGonHaNoi

The rule name indicates which network the traffic goes from and which network it goes to

For Rule Action, select Allow to permit traffic through the ISA Server

Traffic matching this rule is allowed through the ISA Server if it meets the conditions below

For Protocol, select Selected Protocol and click Add

Choose Selected Protocol to add the kinds of traffic that will be allowed through the ISA Server

Under Component, double-click the protocols that allow access to resources over the network: NetBIOS

Find and double-click, one by one, the protocols to allow when clients in the source network go out to the destination network

Click Close to return to the wizard and check the protocols just added to the policy

The protocols in the list above will be allowed through the ISA Server

Click Next
In the Source step, click Add

Click Add to add the source network for the rule

Under Address Range, select the Internal network, which covers the IP range of the VietCERT Sài Gòn LAN.

Double-click the Internal network

Click Close to return to the wizard

Traffic using the protocols above is allowed if its source IP falls within the Internal or Hà Nội ranges

Click Next
In the Destination step, we allow these clients to reach the LAN at the Hà Nội branch, so we configure the destination to include the Internal and HaNoi networks. Click Add and select Networks

Adding the destination network for the rule

Double-click Internal and HaNoi so that the two networks can interact with each other. If only one network is assigned to the source and the destination, traffic can flow in one direction only.

Double-click to add the Internal and Sài Gòn networks

Click Close to return to the wizard

Any traffic between the Sài Gòn LAN and the Hà Nội LAN that uses the protocols above is allowed through the ISA Server

Click Next
In the Users step, all users are allowed access to the Internet, so we select All Users.

The All Users set allows everyone through this ISA Server

Click Next

Check before clicking Finish

Review the configuration
Click Finish
The new rule allows the Hà Nội and Sài Gòn branches to communicate with each other once the VPN has connected successfully.

Configuration on ISA Server 2, Hà Nội
Conversely, on ISA Server 2 at the Hà Nội branch we configure a rule similar to the one in Sài Gòn, allowing Sài Gòn staff to access the Hà Nội web server, use shared resources, and access the web application in Hà Nội. If this step is omitted, the two networks still cannot interact even when the VPN connects successfully: if just one ISA Server does not permit the traffic, it is blocked.
Source: Internal, SaiGon
Destination: Internal, SaiGon
Protocol: HTTP, NetBIOS Datagram
User: Everyone
Scheduler: Always
Content Type: All Content types

Rule Name     Protocol                 Source Network     Destination Network   Users       Notes
SaiGonHaNoi   HTTP, NetBIOS Datagram   Internal, SaiGon   Internal, SaiGon      All Users   Allows users from Sài Gòn to access Hà Nội and vice versa

Open the ISA Server Management Console
Select Firewall Policy

Configuring the access rule under Firewall Policy

In the Task pane, select Create New Access Rule

Creating a firewall policy rule from the Task pane

For the rule name, enter SaiGonHaNoi

Give the rule a name that makes it easy to manage

For Rule Action, select Allow to permit traffic through the ISA Server

Clients are allowed through the ISA Server if they meet the conditions below

For Protocol, select Selected Protocol and click Add

Click Add to add the permitted protocols

Under Component, double-click the protocols that allow access to resources over the network: NetBIOS

Select the most common protocols from the list above

Click Close to return to the wizard and check the protocols just added to the policy

The protocols in this list will be allowed through the ISA Server

Click Next
In the Source step, click Add

Adding the access rule's source network

Under Address Range, select the Internal network, which covers the IP range of the VietCERT Sài Gòn LAN.

Double-click to add the networks to the rule

Click Close to return to the wizard

Add the Internal and Sài Gòn networks to the rule

Click Next
In the Destination step, we allow these clients to reach the LAN at the Hà Nội branch, so we configure the destination to include the Internal and HaNoi networks. Click Add and select Networks

Click Add to add the destination network to the rule

Double-click Internal and HaNoi so that the two networks can interact with each other. If only one network is assigned to the source and the destination, traffic can flow in one direction only.

Adding networks to the destination

Click Close to return to the wizard

The destination must include both Internal and Sài Gòn, because access rules are not evaluated in both directions the way network rules are

Click Next
In the Users step, all users are allowed access to the Internet, so we select All Users.

Everyone is allowed through the ISA Server under this rule

Click Next

Check before clicking Finish

Review the configuration
Click Finish
After configuring the Hà Nội ISA Server, we bring up the VPN between the two servers by generating some trigger traffic so that the demand-dial interface connects by itself. We use the PING command.

On the Sài Gòn ISA Server, run the following PING command
PING 192.168.2.100
C:\>ping 192.168.2.100
Pinging 192.168.2.100 with 32 bytes of data:
Destination host unreachable
Destination host unreachable
Destination host unreachable
Destination host unreachable
Request timed out.
Request timed out.
Reply from 192.168.2.100: bytes=32 time=94ms TTL=120
Reply from 192.168.2.100: bytes=32 time=134ms TTL=120
Reply from 192.168.2.100: bytes=32 time=98ms TTL=120
The IP address 192.168.2.100 belongs to a client machine on the LAN of the Hà Nội branch.
Note: site-to-site VPN on ISA Server connects the two ISA Servers automatically whenever a request needs to travel between the two branches. The demand-dial interface on the ISA Server connects automatically. Routing on ISA Server uses the Routing and Remote Access service, but it is configured through network rules instead.
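The binding rule, the address ranges, and the two-way access rules described above can be cross-checked before dialing. The following is an added example, not part of the original document or of ISA Server itself: the network names, ranges and rule members are the values from the walkthrough, while the dictionary layout, the field names and the deliberately broken variant are constructed for illustration.

```python
import copy
import ipaddress

# Values from the walkthrough. "peer", "local_range" and "dial_in_users" are
# field names chosen for this example, not ISA Server settings.
PAGE_CONFIG = {
    "SaiGon": {
        "peer": "HaNoi",
        "remote_network": "HaNoi",   # Network Name = demand-dial interface name
        "remote_range": ("192.168.2.0", "192.168.2.255"),
        "local_range": ("192.168.1.0", "192.168.1.255"),
        "dial_out_user": "SaiGon",   # account presented to the peer
        "dial_in_users": ["HaNoi"],  # local accounts with Dial-in: Allow access
        "access_rule": {"source": ["Internal", "HaNoi"],
                        "destination": ["Internal", "HaNoi"]},
    },
    "HaNoi": {
        "peer": "SaiGon",
        "remote_network": "SaiGon",
        "remote_range": ("192.168.1.0", "192.168.1.255"),
        "local_range": ("192.168.2.0", "192.168.2.255"),
        "dial_out_user": "HaNoi",
        "dial_in_users": ["SaiGon"],
        "access_rule": {"source": ["Internal", "SaiGon"],
                        "destination": ["Internal", "SaiGon"]},
    },
}


def _nets(first, last):
    """Address range as typed into the wizard -> list of CIDR networks."""
    return list(ipaddress.summarize_address_range(
        ipaddress.ip_address(first), ipaddress.ip_address(last)))


def _overlap(a, b):
    return any(x.overlaps(y) for x in _nets(*a) for y in _nets(*b))


def check_site_to_site(sites):
    """Return a list of findings; an empty list means the two sides agree."""
    findings = []
    for name, site in sites.items():
        peer_name = site["peer"]
        peer = sites[peer_name]
        user = site["dial_out_user"].casefold()  # Windows names ignore case
        # Binding rule: DialOutUsername1 = InterfaceName2
        if user != peer["remote_network"].casefold():
            findings.append(
                f"{name}: dial-out user {site['dial_out_user']!r} does not match "
                f"interface name {peer['remote_network']!r} on {peer_name}")
        # The peer needs a local account of that name with dial-in allowed.
        if user not in {u.casefold() for u in peer["dial_in_users"]}:
            findings.append(
                f"{peer_name}: no dial-in account named {site['dial_out_user']!r}")
        # The remote range must describe the peer's LAN and not our own.
        if site["remote_range"] != peer["local_range"]:
            findings.append(f"{name}: remote range differs from {peer_name} LAN")
        if _overlap(site["remote_range"], site["local_range"]):
            findings.append(f"{name}: remote range overlaps the local network")
        # Access rules are one-way: both networks must be on both sides.
        needed = {"Internal", site["remote_network"]}
        for side in ("source", "destination"):
            missing = needed - set(site["access_rule"][side])
            if missing:
                findings.append(
                    f"{name}: access rule {side} lacks {sorted(missing)}")
    return findings


def broken_example():
    """Constructed misconfiguration: wrong dial-out name, one-way rule."""
    cfg = copy.deepcopy(PAGE_CONFIG)
    cfg["HaNoi"]["dial_out_user"] = "HaNoiVPN"
    cfg["SaiGon"]["access_rule"]["source"] = ["Internal"]
    return cfg


if __name__ == "__main__":
    print(check_site_to_site(PAGE_CONFIG))
    for finding in check_site_to_site(broken_example()):
        print(finding)
```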

Configuring an L2TP/IPSec VPN connection
To configure L2TP VPN we need one of the following two services: IPSec or a certificate, to encrypt the contents of the L2TP packets (L2TP itself has no encryption). IPSec uses a preshared key for authentication. To connect with an L2TP/IPSec preshared key on ISA Server, open the properties of the VPN network

Configuring the settings for the remote site network that connects to this ISA Server over VPN

Then select the Protocol tab

Declare the preshared key for this network. The preshared key must be identical on both ISA Servers, in Hà Nội and in Sài Gòn

Select the L2TP option and enter the preshared key in the box below. The preshared key must be kept secret and must not be disclosed.
Click OK
Then configure the same preshared key on the ISA Server at the other branch (Sài Gòn).

CHAPTER IX
Deploying Caching on ISA Server 2006
ISA Server has a distinctive feature that few hardware firewalls can match: accelerated Internet access (Internet Acceleration). ISA Server can be configured as a proxy server that stores the content of web pages clients have visited, and the proxy server also acts as a firewall for HTTP or FTP. In this lab we configure the proxy, a caching rule, and scheduled content download for ISA Server 2006.

50. Understanding Caching


ISA Server has two main functions: firewall and Internet accelerator. ISA Server speeds up Internet access with its cache feature. ISA Server can be configured as a proxy server. As far as proxy functionality is concerned, ISA Server is a leading candidate for web caching.
The cache mechanism lets ISA Server speed up Internet access for users. Every web page fetched over HTTP and every file fetched over FTP is cached by ISA Server (in RAM or on the hard disk). When a second client requests the same content, ISA Server serves it from the existing cache.

The cache on ISA Server is very fast because it uses an in-memory cache in RAM

ISA Server caches content in RAM and then moves it down to storage. By default, ISA Server uses 10% of RAM for caching. This percentage can be changed after ISA Server is installed.
On later requests, if a client accesses a web page that is in the cache, ISA Server retrieves the content from the cache

All HTTP requests are cached by ISA Server.

ISA Server supports forward caching for LAN clients accessing the Internet and reverse caching for Internet users accessing servers in the LAN.

Description of the cache feature on ISA Server

51. Configuring ISA Server 2006 as a Proxy Server


By default, ISA Server is a proxy server listening on port 8080, but it does not persist cached web content to the hard disk; it caches in RAM. When the server restarts, this cache is lost. To configure ISA Server as a proxy, the next tasks are to set the port number the proxy server uses (it can be changed to 3128 or 6667) and to set the amount of hard disk space used to store the cache.
Setting the port of the ISA proxy server
Open the ISA Server Management Console
Select Configuration
Then select the Networks tab

Configuring the proxy port under Networks in the ISA Server Management Console.

Right-click the Internal network and select Properties

Configuring the port used for the Internal network through the Internal network

Select the Web Proxy tab
Check that Enable HTTP Proxy Server is selected
And that it listens on port 8080
The SSL proxy section does not need to be configured yet. Configure this option only if users should go through the proxy when accessing HTTPS web sites.

Configuring authentication for web clients accessing the Internet.

Click Authentication to configure the authentication methods for users who access the Internet through the proxy.

By default, Web Proxy clients are not required to authenticate when using the Internet

The options in this window are not really necessary, because ISA Server has an authentication mechanism based on access rules. Selecting the option "Require all users to authenticate" can cause errors for sessions that cannot supply a username and password, such as Windows Update. Microsoft does not recommend selecting this option. If the option is used, the administrator must be sure that all traffic going out to the Internet through the proxy carries a username and password. The Integrated authentication method uses the Windows username and password to authenticate.
Click OK to close the Properties window
Note: the Local Host network also has a Web Proxy section similar to Internal, but it is used for the Schedule Download Content function on behalf of the ISA Server itself. For other networks to use the cache function, the administrator must turn on Enable HTTP Cache on the corresponding network. We select Enable HTTP Cache on Internal, which means the cache feature is supported only for clients in the Internal LAN, with the address range 192.168.1.0/24

Configuring Web Proxy for use by the ISA Server itself

Next, set the amount of hard disk space used to hold the cache on ISA Server
The disk used for the cache on ISA Server must be formatted with NTFS. We use 12GB for the cache, stored on a separate striped disk volume to maximize the speed of writing and reading the web cache. Our ISA Server has 2GB of RAM, and we configure 60% of RAM to be used for the cache.
On the ISA Server, select Configuration
Select Cache and note that the cache is currently Disabled

Enable the cache on ISA Server by declaring the drive that holds the cache

In the Task pane, select Define Cache Drive

Configuring the cache drive for ISA Server

Select drive D: to hold the cache, because D: is formatted with NTFS on a striped set of three 4GB disks
Click Set
Note the change in the Cache window

Define the amount of space ISA Server uses for the cache. Readers should place the cache on a disk running RAID to improve performance

Click OK
Note that the cache becomes Enabled

The cache feature appears only after the cache drive has been defined

Configuring the percentage of RAM used for the cache
Right-click Cache on the ISA Server and select Properties

Configuring the cache features in the Properties window

Select the Advanced tab
Click the percentage of RAM to use; the default is 10%, and we change it to 60%. Each object stored in the ISA Server's RAM is no larger than 12.8KB. The smaller this size, the faster the access, because RAM handles it better.

Set the total amount of RAM used for caching. The amount is expressed as a percentage of the total RAM on the ISA Server

Click OK

After a few web pages have been visited, the cached content on the ISA Server is stored on the hard disk under the URLCache path on drive D: of the ISA Server.

52. Configuring Clients to Use ISA as a Proxy Server


To use the proxy feature, the clients (web browsers) must support the cache feature. Our users browse with IE7 and Firefox. For IE, we can use policy both to configure the proxy and to disable the proxy configuration feature in IE, so that users cannot change the settings arbitrarily. With Mozilla Firefox this is not possible, because it can only be configured manually on each client.
Configuring proxy settings in IE
Go to the Tools menu > Internet Options

Configuring the proxy through Internet Options in Internet Explorer

Select the Connections tab
Click the LAN Settings button

Configuring the proxy on clients using LAN Settings in the browser

Select "Use a proxy server for your LAN"
Enter the IP address of the ISA Server with port 8080
Select "Bypass proxy server for local addresses" so that clients do not use the proxy server when accessing web servers inside the LAN.

Entering the proxy server details in Internet Explorer

Configuring IE proxy settings automatically with Group Policy
A policy can be applied at the OU or domain level to force clients to comply. We use a GPO on the VietCERT OU to force clients to follow this policy.
Edit the GPO and select User Configuration
Select Windows Settings
Select Internet Explorer Maintenance
Select Connection
Double-click Proxy Settings

Open the Proxy Settings properties in the policy to configure a large number of clients at once

Set the IP address and port as configured in the manual section

Configuring proxy settings with policy in the GPO

Click OK

At this point, the clients have a proxy configuration assigned by policy, but users can still change it when they use IE. We can disable the ability to change proxy settings in the user's IE with Group Policy.
In the same GPO, select Administrative Templates under User Configuration
Then select Windows Components
Under it, select Internet Explorer
Find the option Disable changing Proxy Settings

Using policy to disable changes to proxy settings on clients.

Double-click this setting
Enable the setting

Enable the proxy lock and click OK

Click OK
Close the GPO window

CuhnhMozillaFirefoxthnhClientscaProxyServer.
VoFirefoxchnMenuToolsInternetOption

PublishingBy:VietCERT.com,VietnamLAB.com,ICTExpress.com

473

Telecom Network Solutions

ClickOptiontrongMenuToolscaFireFox

ChnTadAdvanced,trongcasAdvancedtiptcchnNetworkvclicknt
Settings

SdngtnhnngAdvancedchntipNetworkcuhnhProxySettings

Tiliu:PublishingbiVietCERTVietnamLABmikinnggpxingiv:474
Email:info@VietCERT.comPhone:0916721672Mr:TrnQucTon

ISA Server 2006

Enter the proxy server settings: the IP address of the ISA Server with port 8080. The details are entered the same way in other web browsers.

Configuring Proxy Settings in Mozilla Firefox

53. Understanding the Default Cache Rule


By default ISA Server has a Default Cache Rule that caches all content sent over HTTP and FTP through ISA Server. Whether or not clients use the proxy, HTTP and FTP content is still stored on ISA Server thanks to the Application Protocol Web Proxy Filter.
The purpose of a cache rule is to tell ISA Server how to cache web content, what the maximum size of cached content is, when to cache, and which sites do not need their content cached.

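Analysing the cache rule on ISA Server and the default values of a cache rule

Open the Properties of ISA Server's default cache rule to view these settings.

Note that anything that is a default of ISA Server cannot be reconfigured, and this rule is applied last; its default priority (Order) is Last.

54. Creating a Cache Rule


Create a cache rule that caches all web content of microsoft.com, whatever the content, and refreshes the cache of this site frequently, because staff in VietCERT's R&D department very often get information from this website.
Creating the cache rule
Select Cache under Configuration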

Configuring a cache rule in the ISA Server Management Console.

Right-click Cache and choose Create a Caching Rule in the Task Pane

Creating a new cache rule with the ISA Server Management Console.

For Name, enter Cache all Microsoft Content

The cache rule name is for display only

Click Next
Destination determines which objects this rule applies to. A destination can be a network, a website, or a server IP
Click Add to add a destination

Click Add to add a rule destination, which specifies the objects this cache rule applies to

We create a URL Set component whose content is the website of Microsoft.com
Click the New menu and choose URL Set

The destination is a website, so we use a URL Set

For Name we enter the display name Microsoft Web Site, click Add, and add the URL http://microsoft.com

Click Add to add the networks to the URL Set

Click OK and double-click Microsoft Web Site in the Component section.

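Once created, the URL Set appears under Network Entities

Click Close to return to the wizard and check the destination just added

Click Add to add Microsoft Web Site to the Destination list

Click Next
Specify when content is retrieved from the Internet (Cache Retrieval). To keep the information always fresh, we choose the first option: if the cached copy has expired, ISA Server retrieves the content directly from the Internet.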

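Choose the option that determines when ISA Server retrieves content from the website

Click Next
Specify which content is cached. We keep the default, so that ISA Server caches content and does not need to store the content of dynamic websites (logon sessions)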

Specifying when content is retrieved from the web into ISA Server

Click Next. This cache rule allows ISA Server to cache content sent over SSL. To be able to configure SSL proxy caching, ISA Server

Allowing ISA Server to cache content from SSL websites

Click Next
Allow ISA Server to cache HTTP content, with a cache TTL of 1 day.

Enabling caching of HTTP websites.

Click Next
Allow ISA Server to cache the content of FTP downloads from Microsoft's websites.

Enabling caching of FTP sites

Click Next and review the contents of the rule just configured

Reviewing the rule after configuration

Click Finish
Return to the main screen, which shows the rule just created.
To change it, right-click the rule and choose Properties.

Once created, the rule appears in the ISA Server Management Console.

A cache rule that does not cache a website
The website vietnamlab.com, when accessed from inside the LAN, will not be cached on ISA. We create a cache rule whose destination is www.vietnamlab.com and set the rule not to cache content from this site.
Open Cache under Configuration

Configuring a cache rule from the Cache Rule node of the ISA Server Management Console.

Click Create a New Cache Rule

Creating a new cache rule with the ISA Server Management Console.

For Name, type Dont Cache Vietnamlab

The cache rule name we use here is only for display in ISA Server

Click Next

For Destination, we apply this rule only to websites that do not need caching; one of them is www.vietnamlab.com. We create a URL Set named www.vietnamlab.com
Click Add to add the destination in the wizard

Click Add to add a destination to the cache rule

Click New URL Set

The destination we create is a URL Set

For Name, type VietnamLAB Web Site
Under URL, click New and type http://www.vietnamlab.com

We add the address of the vietnamlab.com website to the URL Set

Click OK to return to the Component window. Double-click the VietnamLAB URL

Once created, the VietnamLAB URL Set appears under Network Entities

Click Close to return to the wizard

Click Add and check the destination in the wizard

Click Next. This option can be left at its default: since we are not caching this website, it does not matter.

Specifying when cached content is retrieved

Click Next and choose Do not Cache this Content

Configuring the action so that the website named in the rule is not cached

Click Next
Review the configuration

Check the rule just created, then click Finish

Click Finish

55. Configuring a Scheduler Download Job


Scheduler Download allows ISA Server to download content automatically and refresh the information in its cache. Scheduler Download automatically opens a connection to a website specified by the administrator, downloads the entire content of the site and stores it in the cache.

ISA Server caches content in RAM and then on the hard disk

At the scheduled time, ISA Server fetches the content of the website. A scheduled job can run only once or be repeated many times. ISA Server is easy to configure thanks to its very intuitive wizards.
To configure a scheduler job, the proxy feature must be enabled on Local Host and the System Policy that allows ISA Server to use this feature must be enabled.
Enabling Proxy Settings on Local Host
Open Network under Configuration

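Configuring Proxy Settings on Local Host under the Network node of the ISA Server Management Console.

Select the Network tab
Right-click Local Host and choose Properties

Configuring the Properties of Local Host to enable the proxy feature for ISA Server itself

Select the Web Proxy tab
Select the Enable HTTP Proxy check box
Confirm that the default port is 8080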

Configuring the proxy setting: the port on Local Host, applied only to ISA Server

Click OK

Configuring the System Policy that allows Scheduler Download to work
Open Firewall Policy

Configuring the System Policy under the Firewall Policy node of the ISA Server Management Console.

On the Task Pane tab, choose Edit System Policy

Configuring the System Policy on ISA Server

Configure the System Policy and enable the Schedule Download feature

Enabling Scheduled Download Content on ISA Server, which allows website content to be downloaded automatically at a preset time

Click OK

Creating a Schedule Download Job
Open Cache under Configuration and select the Content Download Jobs tab

Configuring a Content Download Job on ISA Server to download a website automatically at a set time

Click Schedule a Content Download Job in the Task Pane

Click Schedule a Content Download Job to create a new job that downloads a website into the cache on ISA Server

For Name, type Download ICTExpress.com

The content name indicates that the ICTExpress.com website will be downloaded

Click Next
Choose to download daily

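The website will be downloaded every day

Click Next
Specify when this task runs: the start date and the start time

At 5:07 in the morning, before users log on to the system

The next part is very important and decides whether this scheduled job works or not.
For the website, type http://www.ictexpress.com; note that the http:// is required, otherwise ISA Server reports an error.
This job will not download any pages or links outside the site www.ictexpress.com, and the depth of each link is at most 4 levels.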

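Configuring the Scheduler Download parameters that set the number and depth of links

Click Next
Specify the cache rule for this job. By default ISA Server caches only objects that carry a cache header. Objects downloaded by this job can be configured to follow a cache rule of their own, or to use the existing default cache rule of Windows.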

Specifying what is downloaded and cached for this website

Review the configuration

Reviewing the whole Schedule Download Content configuration

Click Finish to complete the creation of the scheduled job

At 5 in the morning every day, ISA Server automatically downloads the entire content of the website www.ictexpress.com and caches it on the hard disk.

CHAPTER X
Monitor ISA Server 2006
The most frequent and most important job of a network administrator is to watch how the system is running, especially on a fairly sensitive system such as the firewall, the main path of the network out to the Internet. ISA Server gives the administrator a logging system and a monitor for the operating state of ISA Server itself as well as of the whole system, presented as intuitively as possible.

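56. Overview of the Monitor system
The ISA Server administrator configures ISA Server only when the system changes, and mostly during the initial setup right after ISA Server is installed. The most frequent job of administrators is to follow how ISA Server is operating, also known as Monitoring and Auditing.
ISA Server provides a separate Monitoring section so that the administrator can follow how ISA Server is operating. The administrator mainly uses the Dashboard to see the overall activity of the server.

Using the Monitoring node in ISA Server to observe how ISA Server is operating

In the Dashboard, the administrator gets an overview of ISA Server made up of the panes inside it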

Overview of the Monitoring interface in ISA Server

Opening and closing panes (collapsing panes in the Dashboard)

Collapsing the sections of the Dashboard

Setting the refresh rate for Monitoring
In the Task Pane, choose Refresh Rate

Configuring how often the Monitoring interface of ISA Server is refreshed

57. Configuring Alerts


The Alert feature warns the administrator with a message about something related to the security or the safety of ISA Server. Microsoft uses the term Trigger for this: if ISA Server sees that some feature has reached the configured threshold, it automatically raises an alert for the user.
Open Alert under Monitoring

Viewing the information in the ISA Server alerts. Alerts report urgent conditions on ISA Server

Enabling alert definitions
In Alert, choose Configure Alert Definition in the Task Pane

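Configuring the conditions for an alert

Click the Alert Definition option and click OK

Select the alert conditions or click Add to add a new one

This feature lets the administrator define for ISA Server when an alert needs to be created. Next, the administrator creates the definitions that tell ISA Server when to raise an alert.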

Adding an alert definition
In Monitoring, select Alert
Click Configure Alert Definition in the Task Pane and click Add

Click Add to add an alert definition

Continue with the wizard

The alert name shows what the alert is about

Click Next and select the alert events

Select the event type and the additional option of this event

Click Next and specify the category for the alert

Classifying the alerts that are reported in ISA Server Monitoring

Click Next and define how ISA Server issues the warning when it meets a condition that satisfies the alert just created.

Specify where alert information is stored. ISA Server can write the information to the Windows Event Log

Click Next. We choose Send an email message, so ISA Server asks the user to configure an SMTP server. We use VietCERT's SMTP server at the address 203.162.23.34

Configuring the mail server details that allow ISA Server to send mail to the administrator when an alert appears

Click Next
Review the alert configuration

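Check the settings before clicking Finish

Click Finish to complete the creation of the alert.
After the alert definition has been created, the administrator can change it by selecting the alert definition and clicking Edit in the Configure Alert Definition window of the Task Pane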

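The alert definition is listed after configuration, and you can click Edit to change its contents

In this part we have to configure the alert condition, that is, when and under which conditions ISA Server raises the alert
Configuring the alert events
Select the Events tab
Then select the events that will raise an alert on ISA Server.
If an additional condition is needed, you can click Additional Condition
The above is only the condition. Next the administrator has to specify how many times the condition must occur; in security terminology we call this the threshold, that is, the number of times the event occurs.
On the Events tab, set Number of occurrences to the number of times the event must occur before the action takes place, and then set the number of times the event occurs per second before the action takes place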

We choose Only if the alert was manually reset, so that only after the alert has been reset will reaching the threshold again raise a new alert. If you choose Immediately, alerts may appear more often.
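
The threshold and re-trigger behaviour described above can be modelled in a few lines. This is an added example, not ISA Server code and not part of the original document: the class and function names are hypothetical, the event timestamps are constructed, and restarting the counters each time the thresholds are met is a simplifying assumption.

```python
from collections import deque
from dataclasses import dataclass

IMMEDIATELY = "Immediately"
ONLY_IF_RESET = "Only if the alert was manually reset"


@dataclass
class AlertDefinition:
    name: str
    occurrences: int = 1        # "Number of occurrences" before the alert is issued
    events_per_second: int = 0  # events per second before the alert is issued; 0 = not used
    retrigger: str = ONLY_IF_RESET


class AlertState:
    """Simplified model of one alert definition (assumed semantics)."""

    def __init__(self, definition):
        self.definition = definition
        self.count = 0            # matching events since the thresholds were last met
        self.window = deque()     # timestamps (ms) of events seen in the last second
        self.outstanding = False  # True until an administrator resets the alert
        self.issued_at = []       # timestamps (ms) at which an alert was issued

    def record_event(self, ts_ms):
        """Feed one matching event; return True if an alert is issued."""
        d = self.definition
        self.count += 1
        self.window.append(ts_ms)
        # Keep only events from the last 1000 ms for the per-second rate check.
        while ts_ms - self.window[0] >= 1000:
            self.window.popleft()
        if self.count < d.occurrences:
            return False
        if d.events_per_second and len(self.window) < d.events_per_second:
            return False
        # Thresholds met: counting starts afresh (assumption of this model).
        self.count = 0
        self.window.clear()
        if self.outstanding and d.retrigger == ONLY_IF_RESET:
            return False  # suppressed until someone resets the alert
        self.outstanding = True
        self.issued_at.append(ts_ms)
        return True

    def reset(self):
        """Administrator resets the alert in the Alerts view."""
        self.outstanding = False


def replay(definition, timestamps_ms, reset_after=None):
    """Replay events; optionally reset the alert after the Nth event."""
    state = AlertState(definition)
    for n, ts in enumerate(timestamps_ms, start=1):
        state.record_event(ts)
        if n == reset_after:
            state.reset()
    return state.issued_at


# Constructed input: 15 matching events 100 ms apart, and 4 events 2 s apart.
BURST = [i * 100 for i in range(15)]
SLOW = [i * 2000 for i in range(4)]

if __name__ == "__main__":
    noisy = AlertDefinition("burst", occurrences=5, retrigger=IMMEDIATELY)
    quiet = AlertDefinition("burst", occurrences=5, retrigger=ONLY_IF_RESET)
    print("Immediately:", replay(noisy, BURST))
    print("Only if reset:", replay(quiet, BURST))
    print("Only if reset, reset after event 7:", replay(quiet, BURST, reset_after=7))
```

With Immediately the same burst produces three alerts; with Only if the alert was manually reset it produces one until the administrator resets it.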

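Configuring the properties of the alert after it has been created with the wizard

Finally, configure the alert action
This part decides what is done when an alert occurs that matches the definition we created
Select the Action tab in the alert definition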

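Select the action to perform when this alert appears

ISA Server can send a warning e-mail to the administrator when this alert occurs.
To configure ISA Server to send e-mail you need an SMTP server. We use VietCERT's SMTP server at the address 203.162.23.34

Configuring the mail server details that allow ISA Server to send e-mail to the administrator

When an alert occurs, ISA Server can run a program to counter the event reported in the alert.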

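Running an application when this alert occurs

ISA Server has the capability of an IPS (Intrusion Prevention System), so it can stop any service as required by the administrator when an incident occurs.

Stopping or starting ISA Server services when this alert occurs

Acknowledging an alert
When an alert has warned the administrator, what he needs to do is acknowledge it, to tell ISA Server "I already know about this", so that ISA Server stops warning.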

Right-click the alerts and click Acknowledge Selected Alerts

Acknowledging an alert tells ISA Server that the administrator is aware of the situation behind it

Note: a rather nice feature of ISA Server 2006 is that it detects whether some DHCP server in the network is handing out a wrong IP range to clients. The Invalid DHCP Offer alert is enabled by default in ISA Server 2006

Next, resetting an alert
In ISA Server, select Monitoring, then Alert
Select the alert to reset
In the Task Pane, click Reset Selected Alert

Resetting an alert from the Task Pane

Click Yes

ISA Server asks the user for confirmation

Check the alert that was just reset

After the reset, the alert has been removed from ISA Server

58. Session Monitor


ISA Server lets the administrator view the sessions connected to ISA Server; these sessions can be VPN, HTTP or Web Proxy.
Click the Sessions tab under Monitoring to see the sessions currently connected to ISA Server.

Disconnecting a session
Among these sessions, we can disconnect a particular one
In the console tree of ISA Server Management, click Monitoring.
Select the Sessions tab in the details pane of ISA Server
Select the session to disconnect
On the Task Pane tab, choose Disconnect session

Filtering the monitored sessions
Alternatively, monitor only one specific session, based on the IP address of the client
1. In ISA Server Management, click Monitoring.
2. In the details pane, click the Sessions tab.
3. In the Tasks pane, click Edit Filter.

Edit Filter is used to manage the sessions

4. Under Filter by, select one of the following options:
Activation. When the session was started, expressed as a time
Application Name. Filter based on the name of the application sending traffic through ISA Server.
Client Host Name, Client IP, or Client Username. Filter based on the specific IP address of a particular host.
Session Type. Filter based on the type of client that opened the connection: Firewall client, SecureNAT, VPN client, VPN site to site, or Web proxy client.
Server Name. Filter based on the server name.
Source Network. The source network from which the session was started
5. Next, under Condition and Value, specify the appropriate conditions and choose Add to List.
6. Repeat steps 4 and 5 to add more conditions to the filter, then choose Start Query.

Querying to filter the sessions by condition

After you click Start Query, the Monitoring Sessions view shows only the sessions that satisfy the conditions of the filter.

Export Filter Definition
All of these filter definitions can be saved with the Export feature of ISA Server
In ISA Server Management, click Monitoring.
In the details pane, click the Sessions tab.
In the Tasks pane, click Export Filter Definitions.

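Exporting the session filter configuration to an XML file

Under File name, specify the name of the XML file to save and click Save.

Choose the path where the configured XML file is saved. This XML file should also be kept secure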

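Import Filter Definition
Later, the definitions can be loaded back into ISA Server when a restore is needed, or when configuring a different ISA Server.
In ISA Server Management, click Monitoring.
In the details pane, click the Sessions tab.
In the Tasks pane, click Import Filter Definitions.

If there is an incident or a wrong configuration, this XML file can be reused through the Import function

Under File name, specify the name of the XML file to load and click Load.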

Select the XML file to load and click Load

Pausing session monitoring
Monitoring these sessions can take up a lot of resources on ISA Server, so we can pause it
In ISA Server Management, click Monitoring.
In the details pane, click the Sessions tab.
In the Tasks pane, click Pause Monitoring Sessions.

Temporarily pausing the monitoring of sessions through ISA Server

Or stop session monitoring altogether
In ISA Server Management, click Monitoring.
In the details pane, click the Sessions tab.
In the Tasks pane, click Stop Monitoring Sessions.

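Turning off the monitoring of connections on ISA Server completely

59. Configuring Logging


ISA Server creates logs according to the definitions made by the administrator. The ISA Server log can be stored on ISA Server itself as a text file or stored in a SQL database. The log is what ISA Server quietly collects and then displays to the administrator
Logging per ISA Server service
In ISA Server Management, click Monitoring.
In the details pane, select the Logging tab
In the Tasks pane, choose one of the following options
Configure Firewall Logging. Configures the log file for the Microsoft Firewall service
Configure Web Proxy Logging. Configures the log file for the Web Proxy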

Configuring Firewall logging and Web Proxy logging on ISA Server

On the Log tab, select the option Enable logging for this service

Enabling logging for ISA Server

Logging requests when they match the rules we created

We can log the requests that match the access rules created on ISA Server. To configure logging on an individual access rule, do the following
In ISA Server Management, select Firewall Policy.
In the details pane, select the rule for which logging should be enabled
Right-click the rule and choose Properties.

Configuring logging per rule from the Firewall Policy node

On the Action tab of the Properties window, select the option Log requests matching this rule.

Enabling logging for an individual rule

To log only the fields that are needed, we can select them
In ISA Server Management, click Monitoring.
In the details pane, select the Logging tab
In the Tasks pane, choose one of the following options
Configure Firewall Logging. Configures the log file for the Microsoft Firewall service
Configure Web Proxy Logging. Configures the log file for the Web Proxy
On the Fields tab, select the fields that should be logged

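Selecting each item to be logged

To select everything, click Select All
To clear everything, click Clear All. The fields checked on the Fields tab are stored in the log. We can log only the fields that are needed so that the log file stays small and is convenient for monitoring.

Storing the log in SQL Server.
Log files can be stored directly in a SQL database on a SQL Server. When ISA Server is installed it includes a SQL client component for connecting to ISA Server
In ISA Server Management, click Monitoring.
In the details pane, select the Logging tab
In the Tasks pane, choose one of the following options
Configure Firewall Logging. Configures the log file for the Microsoft Firewall service
Configure Web Proxy Logging. Configures the log file for the Web Proxy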

On the Log tab, select SQL database.

Choosing where the log files are stored

Click Options to configure further details for the SQL client.

Configuring the SQL Server and database details that allow ISA Server to store the log

Store the log content on server 192.168.1.5 in the database Isaserver, using the Windows username sqldb to write the log to SQL.

Or store the log files in a file on ISA Server
In ISA Server Management, click Monitoring.
In the details pane, select the Logging tab
In the Tasks pane, choose one of the following options
Configure Firewall Logging. Configures the log file for the Microsoft Firewall service
Configure Web Proxy Logging. Configures the log file for the Web Proxy
On the Log tab, click File.

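Or choose the ISA Server installation folder itself as the storage location

In addition, configure the details by clicking Options
ISALogs folder or This folder. Chooses where the log files are stored
Compress log files. This option compresses the log files
Delete log files older than (days). Specifies the number of days after which log files are deleted from ISA Server; use this option to delete old logs automatically and keep the database compact.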

Choosing where the log files are stored

We can limit the amount of storage used for log files
In ISA Server Management, click Monitoring.
In the details pane, select the Logging tab
In the Tasks pane, choose one of the following options
Configure Firewall Logging. Configures the log file for the Microsoft Firewall service
Configure Web Proxy Logging. Configures the log file for the Web Proxy
On the Log tab, click File.
Click the Options button
Specify the size of the log files by typing the number of GB in Limit total size of log files (GB). If you select this option, you can then choose one of the following 2 options:
Deleting older log files as necessary. Deletes old logs when the log storage is full.
Discarding new log entries. Stops accepting further cache entries if the cache is full
ISA Server can work out the remaining disk space needed for the operation of ISA Server and for storing the cache, and ISA Server sets this space aside and does not use it for logs. Select Maintain free disk space (MB) and type the amount, in MB, that ISA Server should leave free.
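
How these retention options interact is easier to see as a small planner. This is an added example, not part of the original document and not ISA Server code: the names, the sample file sizes and the evaluation order (age limit first, then the size and free-space limits) are assumptions.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

DELETE_OLDER = "Deleting older log files as necessary"
DISCARD_NEW = "Discarding new log entries"


@dataclass
class LogFile:
    name: str
    size_mb: int
    age_days: int


@dataclass
class Policy:
    limit_total_gb: Optional[int] = None          # "Limit total size of log files (GB)"
    on_limit: str = DELETE_OLDER                  # what to do when a limit is reached
    maintain_free_mb: int = 0                     # "Maintain free disk space (MB)"
    delete_older_than_days: Optional[int] = None  # "Delete log files older than (days)"


def plan_retention(files: List[LogFile], policy: Policy,
                   disk_free_mb: int, incoming_mb: int) -> Tuple[List[str], bool]:
    """Return (names of files to delete, whether new log entries can be written)."""
    keep = sorted(files, key=lambda f: f.age_days, reverse=True)  # oldest first
    deleted: List[str] = []
    free = disk_free_mb

    def drop(f: LogFile) -> None:
        nonlocal free
        keep.remove(f)
        deleted.append(f.name)
        free += f.size_mb

    # 1. Age-based clean-up applies regardless of the size limits.
    if policy.delete_older_than_days is not None:
        for f in list(keep):
            if f.age_days > policy.delete_older_than_days:
                drop(f)

    def over_limit() -> bool:
        total = sum(f.size_mb for f in keep) + incoming_mb
        too_big = (policy.limit_total_gb is not None
                   and total > policy.limit_total_gb * 1024)
        too_full = free - incoming_mb < policy.maintain_free_mb
        return too_big or too_full

    # 2. Size and free-space limits: either sacrifice history or stop logging.
    if policy.on_limit == DELETE_OLDER:
        while over_limit() and keep:
            drop(keep[0])
    return deleted, not over_limit()


# Constructed sample: four daily log files of different ages.
SAMPLE = [
    LogFile("fw-40d.log", 600, 40),
    LogFile("fw-10d.log", 500, 10),
    LogFile("fw-02d.log", 400, 2),
    LogFile("fw-01d.log", 300, 1),
]

if __name__ == "__main__":
    for mode in (DELETE_OLDER, DISCARD_NEW):
        p = Policy(limit_total_gb=1, on_limit=mode,
                   maintain_free_mb=512, delete_older_than_days=30)
        print(mode, "->", plan_retention(SAMPLE, p, disk_free_mb=2000, incoming_mb=200))
```

With Discarding new log entries the older files survive but nothing new is recorded while the limit is exceeded, which leaves a gap in the audit trail; Deleting older log files keeps logging running at the cost of history.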

Configuring the parameters for the log file

Filtering the log display by condition
On ISA Server, the log display can also be filtered to make it easier to observe
1. In ISA Server Management, click Monitoring.
2. In the details pane, select the Logging tab
3. In the Tasks pane, choose Edit Filter

Configuring the filters for Logging

4. Under Filter by, select one of the fields to filter the log on
5. Next, under Condition and Value, select the required entries and click Add To List.
6. Repeat steps 4 and 5 to add the conditions to the list, then click Start Query.

Select the conditions to use for the query. Click Start Query to display exactly the information that matches these conditions

Saving the log filter definition
ISA Server can save the filter definitions for the log by exporting them to an XML file
In ISA Server Management, click Monitoring.
In the details pane, select the Logging tab
In the Tasks pane, choose Export Filter Definitions.

Exporting the configuration with the Export feature

Under File name, type the name of the .xml file to save and click Save.

The file stored as XML should also be kept secure

Note that this does not save what was logged; it only saves the log filter definitions.

And later load them back into ISA Server
In ISA Server Management, click Monitoring.
In the details pane, select the Logging tab
In the Tasks pane, choose Import Filter Definitions.

Loading the XML file into ISA Server with the Import function

Under File name, type the name of the .xml file to load and click Load.

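Select the name of the XML file to load and click Load

Saving the displayed log
What is displayed on the screen can also be saved
In ISA Server Management, click Monitoring.
In the details pane, select the Logging tab
In the Tasks pane, choose one of the following options
Copy All Results to Clipboard. Selects all the log entries currently displayed in the details pane.
Copy Selected Results to Clipboard. Choose this option to copy all the log entries that are currently selected; use the CTRL key to select several entries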

The administrator can put the information displayed in the ISA Server Management Console on the clipboard and paste it into a worksheet application such as Excel

60. Configuring Reports


ISA Server creates reports at the administrator's request. Reports are ISA Server's accounts of its own activity, memory status and traffic volume
Creating a report in ISA Server
In ISA Server Management, click Monitoring.
In the details pane, select the Reports tab

Select the Reports tab to follow the reports on ISA Server

On the Tasks tab, click Generate a New Report.

Creating a new report on ISA Server from the Task Pane

Specify the name of the report to create

Naming objects well on ISA Server makes them easier to manage

Click Next and specify the content of the report

Configuring the sections to include in the report

Click Next and select the period the report covers

The report covers the time from the chosen start up to the present

Click Next

You can use the Publish Report feature to put the content in a shared folder

Click Next to skip the Publishing step; we come back to it later
Next comes the e-mail configuration for when the report is created; the notification goes to the 2 e-mail addresses above.

This notifies the administrator when a new report is complete and sends only information about the job. ISA Server does not send the report to the e-mail address configured here

Click Test to check whether the e-mail settings work.
Click Next
Review the report settings

Final check when configuring report generation

Click Finish
After it is created, the report is listed in the Reports section of Monitoring

Once created, the report job appears in the ISA Server Management Console.

To view a report, select the report and choose View Selected Report in the Task Pane

Using the View function in the Task Pane to display the content of the report

The report view opens as a web page

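The report is displayed in a web interface. The information is quite detailed, and the user can choose other items in the pane on the left

Creating reports on a real-time schedule
In ISA Server Management, click Monitoring.
In the details pane, select the Reports tab
In the Tasks pane, click Create and Configure Report Jobs.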

Creating and configuring a report job

Click Add to add the properties of the report

Click Add to add a report job to ISA Server

Type a name for the report; this is what is displayed in the snap-in

Report Job Name

Click Next and specify what the report will contain

The items to include in the report

Click Next and specify when the report is generated. The default generation time is 1 AM every day; the administrator can change this in the Properties of the report

Specifying when the report is generated; the default is 1:00 in the morning every day

Click Next and skip the Publish step

We do not use the Publish function in the wizard; we configure it later

Click Next
Configure the e-mail that notifies the administrator when the report has been created.

Configuring the mail server details that ISA Server uses to notify the administrator after a report has been created

Click Next
Review the configuration

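Checking the report job

Click Finish
ISA Server now has a report job named Realtime Monitor that generates a report automatically every day at 1:00 AM. (1 o'clock in the morning)
After the report job has been created, back in the Report Jobs Properties window we have an additional job named Real Time Monitor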

Once created, the report job appears on ISA Server

Select the report job and click Edit to change the report generation time; we generate it at 7 in the morning. Change the hour to 7 in the morning.

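Reconfiguring the report generation time on ISA Server

Click OK. From now on, at 7 in the morning every day, ISA Server generates a report and sends a notification e-mail to the administrator.

Creating a database of the reports on ISA Server
In ISA Server Management, click Monitoring.
In the details pane, select the Reports tab
In the Tasks pane, click Configure Log Summary.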

Configuring logging and reports on ISA Server

On the Log Summary tab, select the option Enable daily and monthly summaries.

Under Specify the generation time, tell ISA Server at what time the report is generated
Next, tell ISA Server where to store the reports
By default ISA Server uses the ISASummaries folder on the ISA Server machine itself; select the option ISASummaries folder.
To store the reports in a different folder, select This folder, then click Browse and select the folder where the reports should be stored

Configure the number of reports that are kept.
Under Number of saved summaries, in Daily summaries, type the number of report entries to be logged per day.
Monthly summaries specifies the number of reports per month

Where the reports are stored and the maximum number of daily and monthly reports ISA Server can create

Preventing the report database from being created
In ISA Server Management, click Monitoring.
In the details pane, select the Reports tab
In the Tasks pane, click Configure Log Summary.
On the Log Summary tab, clear the Enable daily and monthly summaries check box.

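Enabling or disabling the monthly report feature

Changing the content and the generation time of a report
In ISA Server Management, click Monitoring.
In the details pane, select the Reports tab
In the Tasks pane, click Create and Configure Report Jobs.
Select the report job to configure and click Edit.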

Click Edit to change the details of the report job just created

The Content tab lets you choose which content is generated

Summary
Web usage
Application usage
Traffic and utilization
Security

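Selecting the items for which the report is generated

Next, select the Schedule tab
We want a report every day, so we choose Every day.
You can also generate reports on specific days by choosing On the following days and selecting the days on which a report is needed. Or generate the report monthly: click Every month, on this date and specify the day of the month on which the report is generated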

Specifying again when the report is generated

Once a report exists, we can view it directly on ISA Server or use the Publish Report function

Configuring the report content
In ISA Server Management, click Monitoring.
In the details pane, select the Reports tab
In the Tasks pane, choose one of the following options to configure the corresponding section

Customize Summary Content
Customize Web Usage Content
Customize Application Usage Content
Customize Traffic and Utilization Content
Customize Security Content

Configuring the report details for each item

On each tab, under Include this number of, type the number of entries to be stored in the report. Click OK to accept the change.

Specifying the number of entries in the report for each item

Publishing a report
In ISA Server Management, click Monitoring.
In the details pane, select the Reports tab and select the report to publish
In the Tasks pane, click Publish Selected Report.

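Figure: Publishing a report to a shared folder lets other people view the report through a UNC path.

In Browse for folder, select the folder in which to save the reports. This folder must be a shared folder.

Figure: Choose where ISA Server stores its logs. By default the log folder is under the ISA Server installation folder, in ISA Server\ISASummaries.

Authorized users connect to this shared folder to view the reports that ISA Server generates.

Deleting a report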

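Open ISA Server Management and click Monitoring.
In the Details pane, select the Reports tab, then select the report to delete.
In the Task pane, click Delete Selected Report.

Figure: Deleting a report using the ISA Management console.

Click Yes.

Figure: ISA Server always prompts the user for confirmation when a decision is being made.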

61. Monitor Connectivities


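Use this feature to determine the quality of a network link, or to confirm whether the link is still working. A connectivity verifier connects to a web page and retrieves the page's content. We can choose the HTTP method used to test the web page (GET, POST, …).

Creating a connectivity verifier
Open ISA Server Management and select the Monitoring tab.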



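In the Details pane, select the Connectivity tab.

Figure: Select Connectivity Verifiers to configure connection monitoring for ISA Server.

On the Tasks tab, click Create New Connectivity Verifier.

Figure: Creating a new connectivity verifier in the ISA Server console.

In Name, type Check www.vietcert.com to indicate that the verifier tests connectivity to the VietCERT.com website. The name is for display only and has no meaning to ISA Server (it is not case-sensitive).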


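Figure: Configuring the name of the connectivity verifier. The name is for display only.

Click Next.
Enter the website or server to check, then select the type of service to check. Only HTTP has a Method setting, which is GET or POST; alternatively, choose to simply establish a TCP connection to the server.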


Figure: Select Web as the category.

Click Next.
Check the configuration again in the Review window.


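Figure: Reviewing the connectivity verifier settings after completing the wizard.

Click Finish.
ISA Server asks the user for confirmation when this feature is enabled. Because a connectivity verifier tests the path from the ISA Server itself to the server being checked, a special system policy rule must allow ISA Server to initiate the connection. Alternatively, the administrator can create an access rule that allows ISA Server (Local Host) to connect to the server (usually External).

Figure: ISA Server warns that the rule allowing ISA Server to connect for HTTP connectivity verification must be enabled.

Click Yes.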



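Readers who want to review the system policy rule that allows ISA Server to create connections to the server can open System Policy under Firewall Policy.

Figure: Configuring the system policy on ISA Server to allow the HTTP connectivity verifier feature.

Click OK.
Return to Connectivity Verifiers and open the Properties of the Check www.vietcert.com verifier we just created.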


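Figure: Right-click the connectivity verifier and choose Properties to configure its settings after it has been created.

In the Properties window, you can change how the connectivity verifier just created performs its check.

Figure: In Properties, the method used to retrieve the web page is set to GET.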



Click OK.

Set Specify the timeout response threshold (msec) to the number of milliseconds after which the server is considered unreachable.
Select the option Trigger an alert if the server response is not within the specified timeout to raise an alert when the server times out.

Figure: The connectivity verifier shows a notification in Alerts if the server cannot be reached within the configured timeout of 5000 ms.

Under Group type, choose one of the following options, which is the type of server to be checked:

Active Directory
DHCP
DNS
Others
Published Servers
Web (Internet)
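The check described above (HTTP GET/POST or a plain TCP connection, a response threshold in milliseconds, and an alert when the threshold is missed) can be reproduced outside the console to see how the settings interact. This is an added example, not ISA Server code: `verify`, `start_target` and the `/slow` path are hypothetical names, and the target is a constructed local web server so the script runs offline.

```python
import http.client, socket, threading, time
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

class _Target(BaseHTTPRequestHandler):        # constructed local test target
    def do_GET(self):
        if self.path == "/slow":
            time.sleep(0.5)                    # simulate a server that stops answering
        self.send_response(200)
        self.send_header("Content-Length", "2")
        self.end_headers()
        self.wfile.write(b"ok")
    do_POST = do_GET
    def log_message(self, *args):              # keep the demo quiet
        pass

def start_target():
    """Start the constructed target on a free localhost port; return (server, port)."""
    srv = ThreadingHTTPServer(("127.0.0.1", 0), _Target)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, srv.server_address[1]

def verify(host, port, method="GET", path="/", timeout_ms=5000):
    """Run one check. method is 'GET', 'POST' or 'TCP' (connection only).
    Returns (reachable, elapsed_ms, alert)."""
    start = time.monotonic()
    try:
        if method == "TCP":
            socket.create_connection((host, port), timeout=timeout_ms / 1000).close()
        else:
            conn = http.client.HTTPConnection(host, port, timeout=timeout_ms / 1000)
            conn.request(method, path)
            conn.getresponse().read()          # fetch the page content, as the verifier does
            conn.close()
        reachable = True
    except (OSError, http.client.HTTPException):   # refused, unreachable or timed out
        reachable = False
    elapsed_ms = (time.monotonic() - start) * 1000
    # Alert when there is no answer, or the answer arrived after the threshold.
    alert = (not reachable) or elapsed_ms > timeout_ms
    return reachable, round(elapsed_ms), alert

if __name__ == "__main__":
    srv, port = start_target()
    print(verify("127.0.0.1", port, "GET", "/"))                       # within threshold
    print(verify("127.0.0.1", port, "GET", "/slow", timeout_ms=100))   # alert raised
    srv.shutdown()
```

A threshold set too low turns normal latency into alert noise, while one set too high delays detection of a dead link, so tune it against the response times actually observed for each target.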

Turning off connectivity verification
Open ISA Server Management and select the Monitoring tab.
In the Details pane, select the Connectivity tab and select the connectivity verifier to delete.
On the Tasks tab, click Delete.

Figure: Deleting a connectivity verifier in the ISA Management console. Besides deleting, the administrator can export it to an XML file and then click Disable instead of Delete.

62. Managing ISA Server services


ISA Server can start or stop the Firewall and Routing and Remote Access services.
Open ISA Server Management and click Monitoring.
In the Details pane, click the Services tab.
Select the service to manage: Microsoft Data Engine, Microsoft Firewall service, or Microsoft ISA Server Job Scheduler service.
On the Tasks tab, click Start Selected Service to start the service, or click Stop Selected Service to stop the service if it is running.

Figure: Using the Task pane on ISA Server to stop a service.

63. Managing server performance


The administrator can use the Windows Performance feature to observe ISA Server components in real time.
Open ISA Server Performance Monitor from the Start menu.

Figure: The Performance snap-in on ISA Server allows ISA Server to be monitored in real time. This monitoring is essential for administrators to know how the firewall is operating.


Right-click the chart that is running in real time and click Add Counter.

Figure: Click Add Counter to add a counter to the statistics. A counter is a type of data to be tracked with the Performance snap-in.

Select the counters that need to be added to the monitoring session.


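Figure: Select the counters to add to the Statistics window for monitoring. Users can click Explain for more information about the counter being added.

Click Explain and ISA Server explains what the counter does.

Figure: Performance includes an explanation for each counter that can be added, which helps the administrator decide easily when adding counters.

Click Close to return to Performance Monitor.
Readers can save the content of Performance Monitor as an HTML web page so that it can be reviewed later.
Right-click the Performance display and choose Save as.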


Figure: The Performance snap-in can export the results shown on its Statistics display to an HTM file using Save As.

Choose the path of the HTML file to save.

Figure: The HTM file in which we save the Performance results is named Pformance.

Click Save.



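To view the content again, click the HTML file just saved; Internet Explorer opens and automatically displays the file.

Figure: Locating the HTM file exported from the Performance snap-in that ships with ISA Server.

Then review the content in Internet Explorer. The content is static, as exported from Performance.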


Figure: Monitoring ISA Server activity through the Performance interface. The figure shows the results exported as a web page.

VietCERT Co., Ltd


Linking People to Technology

Add 1: 18/161c2, Tran Quang Dieu Str, 03 Dist, HCMC, Vn
Add 2: 09, 588 Str, Phuoc Long A Ward, 09 Dist, HCMC, Vn
Tel: 8489319986, 9350582 Fax: 848 8435010

URL: http://www.VietCERT.com
Email: info@VietCERT.com
Tax code: 0303693120
Hotline: 8490 8185013 Mr Toan
