RE: Getting 15105 and 15108

• From: "Anthony Michaud" <anthonym@xxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Fri, 4 Jun 2004 15:21:46 +1000

Didn't you just put your hand up? :)

> -----Original Message-----
> From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
> Sent: Friday, 4 June 2004 01:14
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Getting 15105 and 15108
> 
> 
> http://www.ISAserver.org
> 
> ..now that would be a kewl feature; "render from trusted 
> sources only" and use the actual sending mail server data 
> (not the @#%#$^% 
> "from" or "reply-to") to define "trusted sources".
> Who wants to own and drive that?
> 
>  Jim Harrison
>  MCP(NT4, W2K), A+, Network+, PCG
>  http://www.microsoft.com/isaserver
>  http://isaserver.org/Jim_Harrison
>  http://isatools.org
> 
>  Read the help, books and articles!
> ----- Original Message ----- 
> From: "Troy Radtke" <TRadtke@xxxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Thursday, June 03, 2004 08:00
> Subject: [isalist] RE: Getting 15105 and 15108
> 
> 
> http://www.ISAserver.org
> 
> But that takes half the fun out of this list.....
> 
> -----Original Message-----
> From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
> Sent: Thursday, June 03, 2004 9:37 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Getting 15105 and 15108
> 
> 
> http://www.ISAserver.org
> 
> Don't
> Render
> HTML
> Formatted
> Email
> 
>  Jim Harrison
>  MCP(NT4, W2K), A+, Network+, PCG  http://www.microsoft.com/isaserver
>  http://isaserver.org/Jim_Harrison
>  http://isatools.org
> 
>  Read the help, books and articles!
> ----- Original Message ----- 
> From: "Anthony Michaud" <anthonym@xxxxxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Wednesday, June 02, 2004 17:13
> Subject: [isalist] RE: Getting 15105 and 15108
> 
> 
> http://www.ISAserver.org
> 
> IS this a competition FOR the most annoying FONTs???
> 
> -----Original Message-----
> From: mathif@xxxxxxxxxxxxxxx [mailto:mathif@xxxxxxxxxxxxxxx]
> Sent: Saturday, 29 May 2004 23:51
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Getting 15105 and 15108
> 
> 
> http://www.ISAserver.org
> 
> Steve, yes  if someone is scanning from outside, and is spoofing their
> address...
> 
> Regards,
> Mohammed Athif Khaleel
> Asst.Network Engineer
> AlFaisaliah Group Information Technology
> Tel.: +966-1-461-0077 x.209
> Moble.: +966-509774015
> Email: mathif@xxxxxxxxxxxxxxx
> "Save Internet, Keep all the systems patched"
> Web: http://alfaisaliah.com <http://alfaisaliah.com/>
> 
> -----Original Message-----
> From: Steve Moffat [mailto:steve@xxxxxxxxxxxxxxxxxxxxxxxxxx]
> Sent: Saturday, 29 May 2004 4:39 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Getting 15105 and 15108
> 
> 
> http://www.ISAserver.org
> 
> I beg to differ Mohammed, if someone is scanning from outside, and is
> spoofing their address, then no matter what you add to the lat
> will not stop these alerts, therefore the only way to fix it 
> is to turn off
> the  alerts.
> 
> HTH
> Steve
> 
>   _____
> 
> From: mathif@xxxxxxxxxxxxxxx [mailto:mathif@xxxxxxxxxxxxxxx]
> Sent: Saturday, May 29, 2004 9:57 AM
> To: Isa Weblist
> Subject: [isalist] RE: Getting 15105 and 15108
> 
> 
> http://www.ISAserver.org
> 
> Steve thatz never a solution... I had rather check the LAT 
> and see if the
> ISA is accessed over terminal and that IP entry is not
> listed in the routing table.
> NO offence intended :-)
> 
> Regards,
> Mohammed Athif Khaleel
> Asst.Network Engineer
> AlFaisaliah Group Information Technology
> Tel.: +966-1-461-0077 x.209
> Moble.: +966-509774015
> Email: mathif@xxxxxxxxxxxxxxx
> "Save Internet, Keep all the systems patched"
> Web: http://alfaisaliah.com <http://alfaisaliah.com/>
> 
> -----Original Message-----
> From: Steve Moffat [mailto:steve@xxxxxxxxxxxxxxxxxxxxxxxxxx]
> Sent: Friday, 28 May 2004 11:40 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Getting 15105 and 15108
> 
> 
> http://www.ISAserver.org
> 
> turn off the alerts..
> 
> Steve
> 
>   _____
> 
> From: Hamilton, Calvin [mailto:Calvin.Hamilton@xxxxxxxxxxxxxx]
> Sent: Friday, May 28, 2004 4:25 PM
> To: Isa Weblist
> Subject: [isalist] Getting 15105 and 15108
> 
> 
> http://www.ISAserver.org
> 
> 
> What can I do to prevent or manage these events
> 
> 15105 is ISA Server detected an all port scan attack from 
> Internet Protocol
> (IP) address 209.217.88.172
> 
> 15108 is ISA Server detected a spoof attack from Internet 
> Protocol (IP)
> address 65.116.240.1
> 
> 
> 
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com Leading
> Network Software Directory: http://www.serverfiles.com No.1 
> Exchange Server
> Resource Site: http://www.msexchange.org Windows Security 
> Resource Site:
> http://www.windowsecurity.com/ Network Security Library:
> http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com Leading
> Network Software Directory: http://www.serverfiles.com No.1 
> Exchange Server
> Resource Site: http://www.msexchange.org Windows Security 
> Resource Site:
> http://www.windowsecurity.com/ Network Security Library:
> http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> tradtke@xxxxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: jim@xxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: anthonym@xxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> 

Other related posts:

• » Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108
• » RE: Getting 15105 and 15108

1. Home
2. isalist
3. Archive
4. 06-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---