It appears a compromised computer is somewhere on your network running "all port" scans of the internal network. I would start with any laptop machines that regularly connect to other public networks and see if they have any malware running on them. An all port scan is what a PC with ill intent does to check other machines for back doors and vulnerabilities into it. Besides, "BRICKHOUSE" isn't a common name for a business PC running on professional network. :-) hope this helps..... On 5/1/07, ISA <ISA@xxxxxxxxxxxxxxxx> wrote:
Hey Guys – I am getting consistent events logging an all ports scan from my internal Exchange server (pasted below). Is this unusual? If so, what should my course of action be? Thanks in advance! Joseph Danielsen, CSBS, MCSA-Messaging, MCP Network Blade Inc. 49 Marcy Street Somerset, NJ 08873 732-213-0600 www.networkblade.com Ask me why a *Microsoft Certified Small Business Specialist* is best for your company
-- Patience yields far greater results than brute force or rage ever could so relax......it's just life !!!