RE: All Port Scan Attack Detection
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 5 Mar 2003 19:12:08 -0600
Hi Pai,
Always check the packet filter log so that you can analyze the details
of the interaction. The IDS is helpful, but never replaces a pair of
trained eyes.
HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: jagadish.pai@xxxxxxxxxxxxxxxxxxx
[mailto:jagadish.pai@xxxxxxxxxxxxxxxxxxx]
Sent: Tuesday, March 04, 2003 10:41 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] All Port Scan Attack Detection
http://www.ISAserver.org
Hi
What should be done if the following notification by isa server.
ISA Server detected an all port scan attack from Internet Protocol (IP)
address 61.241.82.53.
For more information about this event, see ISA Server Help.
Regards
Pai
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
