Microsoft Releases Procedures on Using ISA Server Firewalls to Protect Your Network from the Sobig.F Worm Traffic

Microsoft has released official recommendations on how to configure your ISA Server firewall to beat down Sobig worm traffic. Check this out, read the info, and get the fixes.
Thomas Shinder photo

Microsoft Releases Procedures on Using ISA Server Firewalls to Protect Your Network from Sobig.F Worm Traffic


Reported by
Thomas W Shinder, M.D.

The Sobig.F worm is taking networks by storm. I've had to repair the damage on several of these networks myself. The good news is that none of these customers were shut down by their ISPs because their ISA Server firewalls were configured to protect them from both inbound and outbound worm traffic. In fact, it there weren't "out of band" laptop or VPN users bringing the dreaded payload into the network, they would have been completely protected.

However, I don't recommend that you depend on isolationism. Patch your systems ASAP and then head on over to the Microsoft ISA Server site and read the article Learn How Your ISA Server Helps Block Sobig.F Traffic. There's some great info in that article so consider it a must read.

After you're done with that paper, head on over to Jim Harrison's ISATools.org site and get his Sobig fixes at http://isatools.org/sobig.f.zip. There a block script and a fix script. Jim's Blaster scripts saved my own personal bacon a couple of days ago, so his worm whacking scripts get two fat thumbs up from this corner!

If you would like us to email you when Tom Shinder releases another update on ISAserver.org, subscribe to our 'Real-Time Article Update' by clicking here. Please note that we do NOT sell or rent the email addresses belonging to our subscribers; we respect your privacy!

About Thomas Shinder

Thomas Shinder photo Dr. Thomas W. Shinder is an MCSE, MCP+I, and MCT. He has worked as a technology trainer and consultant in the Dallas-Ft. Worth metro area, assisting in development and implementation of IP-based communications strategies for major firms such as Xerox, Lucent and FINA.

Click here for Thomas Shinder's section.

Share this article

Receive all the latest articles by email!

Get all articles delivered directly to your mailbox as and when they are released on ISAserver.org! Choose between receiving instant updates with the Real-Time Article Update, or a monthly summary with the Monthly Article Update. Sign up to the ISAserver.org Monthly Newsletter, written by ISA expert Dr. Tom Shinder, containing news, the hottest tips, ISA links of the month and much more. Subscribe today and don't miss a thing!



Receive all the latest articles by email!

Receive Real-Time & Monthly ISAserver.org article updates in your mailbox. Enter your email below!
Click for Real-Time sample & Monthly sample

Become an ISAserver.org member!

Discuss your ISA Server issues with thousands of other ISA Server experts. Click here to join!

Solution Center

Readers' Choice

Which is your preferred ISA Server Content Security solution?