Re: Botched Setup based on W3k server / ISA 2004
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 2 Feb 2006 07:21:02 -0600
Hey Tim,
I smelled the same thing. The are a lot of holes in this perp's story.
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
> -----Original Message-----
> From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> Sent: Thursday, February 02, 2006 1:02 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: Botched Setup based on W3k server / ISA 2004
>
> http://www.ISAserver.org
>
> Are you saying that the ISA server is also configured as a domain
> controller? If so, tell your management guy to go piss up a
> rope and do a
> full re-install. The "lack of install keys" sounds totally
> bogus to me. If
> the company bought them, then they are on file somewhere.
>
> I'm hoping that you were hired to fix what was broken, and
> that the office
> manager was hired to manage the office. If the office
> manager is qualified
> to make those decisions, then let him/her fix the problem.
> If the person
> who left you with no disks, no keys, and a fubar install had
> the power to do
> so in the first place, why don't you have the power to do the
> best thing for
> the company and nuke everything? Who knows what back-doors,
> rootkits,
> Trojans, misconfigs, etc exist? No one knows. In that case,
> you will be
> remiss in your duty if you don't start from scratch. Hell,
> you've only got
> a few servers anyway. If the office manager doesn't like it,
> have them sign
> a document that states that you are not responsible for any
> aspect of the
> network's operation from this point forward, and that he/she
> assumes *full*
> responsibility for any problems that may occur in the future.
>
> To be honest, this whole thing smacks of something "wrong."
> I don't buy it.
> But that's just me.
>
> t
>
>
>
> -----
> "I'll see your Llama and up you a Badger."
> John T
>
>
>
> ----- Original Message -----
> From: "Glenn" <glenn.johnston@xxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Wednesday, February 01, 2006 10:21 PM
> Subject: [isalist] Re: Botched Setup based on W3k server / ISA 2004
>
>
> > http://www.ISAserver.org
> >
> > It appears that RAS is using active directory.
> >
> > On an old account, I turned of "Dial in access', and the
> account can no
> > longer VPN in, turn back on "Dial in', and the account can
> VPN in again.
> >
> > Interesting to note, that while the change replicated to
> the other servers
> > as one would expect, it DID NOT replicate to the active
> directory running
> > on the ISA server, even after an hour, the ISA server still
> showed the
> > account as having Dial in allowed, when the rest of the
> servers showed the
> > account as not having dial in allowed. So obviously active directory
> > replication issues exist between the rest of the servers
> and the ISA.
> >
> > O what joy, another problem to toss on the already far too big pile.
> >
> > Again broached the question of a server rebuild with the
> office manager,
> > answer is a very loud, very firm "NO WAY". This combined
> with, the fact
> > that I have been refushed permission to even uninstall ISA server &
> > reinstall, may put this in a rock and a hard place basket.
> >
> > If infact this is recoverable without a full server
> rebuild, which I am
> > far from convinced at this point it is ??? I believe the first step
> > necessary is to regain access to the ISA server management
> interface, and
> > make sure the rule set, networks etc are consistent and sensible.
> >
> > However, when you start the mangement interface, it gives
> several "There
> > was a problem sending the command the to program" errors. The ISA
> > management interface opens, but there is nothing behind any
> of the levels.
> > You click on firewall rules, and it displays a blank
> screen. Technet has
> > nothing on this, anyone have any ideas on how to solve this ?
> >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org
> Discussion List as:
> > thor@xxxxxxxxxxxxxxx
> > To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
Other related posts:
