RE: Getting 15105 and 15108

From: "Anthony Michaud" <anthonym@xxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Date: Mon, 7 Jun 2004 11:29:31 +1000
You're allowed to leave early - just make sure you get your homework in first 
thing tomorrow morning!

:)

> -----Original Message-----
> From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
> Sent: Friday, 4 June 2004 23:17
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Getting 15105 and 15108
> 
> 
> http://www.ISAserver.org
> 
> Yeh, but you didn't say I could leave my seat...
> I still gotta go, teach...
> ;-p
>   Jim Harrison
>   MCP(NT4, W2K), A+, Network+, PCG
>   http://isaserver.org/Jim_Harrison/
>   http://isatools.org
>   Read the help / books / articles!
> 
> 
> On Fri, 4 Jun 2004 15:21:46 +1000
>  "Anthony Michaud" <anthonym@xxxxxxxxxxxxxx> wrote:
> http://www.ISAserver.org
> 
> Didn't you just put your hand up? :)
> 
> > -----Original Message-----
> > From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
> > Sent: Friday, 4 June 2004 01:14
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Getting 15105 and 15108
> > 
> > 
> > http://www.ISAserver.org
> > 
> > ..now that would be a kewl feature; "render from trusted 
> > sources only" and use the actual sending mail server data 
> > (not the @#%#$^% 
> > "from" or "reply-to") to define "trusted sources".
> > Who wants to own and drive that?
> > 
> >  Jim Harrison
> >  MCP(NT4, W2K), A+, Network+, PCG
> >  http://www.microsoft.com/isaserver
> >  http://isaserver.org/Jim_Harrison
> >  http://isatools.org
> > 
> >  Read the help, books and articles!
> > ----- Original Message ----- 
> > From: "Troy Radtke" <TRadtke@xxxxxxxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Thursday, June 03, 2004 08:00
> > Subject: [isalist] RE: Getting 15105 and 15108
> > 
> > 
> > http://www.ISAserver.org
> > 
> > But that takes half the fun out of this list.....
> > 
> > -----Original Message-----
> > From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
> > Sent: Thursday, June 03, 2004 9:37 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Getting 15105 and 15108
> > 
> > 
> > http://www.ISAserver.org
> > 
> > Don't
> > Render
> > HTML
> > Formatted
> > Email
> > 
> >  Jim Harrison
> >  MCP(NT4, W2K), A+, Network+, PCG  
> http://www.microsoft.com/isaserver
> >  http://isaserver.org/Jim_Harrison
> >  http://isatools.org
> > 
> >  Read the help, books and articles!
> > ----- Original Message ----- 
> > From: "Anthony Michaud" <anthonym@xxxxxxxxxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Wednesday, June 02, 2004 17:13
> > Subject: [isalist] RE: Getting 15105 and 15108
> > 
> > 
> > http://www.ISAserver.org
> > 
> > IS this a competition FOR the most annoying FONTs???
> > 
> > -----Original Message-----
> > From: mathif@xxxxxxxxxxxxxxx [mailto:mathif@xxxxxxxxxxxxxxx]
> > Sent: Saturday, 29 May 2004 23:51
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Getting 15105 and 15108
> > 
> > 
> > http://www.ISAserver.org
> > 
> > Steve, yes  if someone is scanning from outside, and is 
> spoofing their
> > address...
> > 
> > Regards,
> > Mohammed Athif Khaleel
> > Asst.Network Engineer
> > AlFaisaliah Group Information Technology
> > Tel.: +966-1-461-0077 x.209
> > Moble.: +966-509774015
> > Email: mathif@xxxxxxxxxxxxxxx
> > "Save Internet, Keep all the systems patched"
> > Web: http://alfaisaliah.com <http://alfaisaliah.com/>
> > 
> > -----Original Message-----
> > From: Steve Moffat [mailto:steve@xxxxxxxxxxxxxxxxxxxxxxxxxx]
> > Sent: Saturday, 29 May 2004 4:39 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Getting 15105 and 15108
> > 
> > 
> > http://www.ISAserver.org
> > 
> > I beg to differ Mohammed, if someone is scanning from 
> outside, and is
> > spoofing their address, then no matter what you add to the lat
> > will not stop these alerts, therefore the only way to fix it 
> > is to turn off
> > the  alerts.
> > 
> > HTH
> > Steve
> > 
> >   _____
> > 
> > From: mathif@xxxxxxxxxxxxxxx [mailto:mathif@xxxxxxxxxxxxxxx]
> > Sent: Saturday, May 29, 2004 9:57 AM
> > To: Isa Weblist
> > Subject: [isalist] RE: Getting 15105 and 15108
> > 
> > 
> > http://www.ISAserver.org
> > 
> > Steve thatz never a solution... I had rather check the LAT 
> > and see if the
> > ISA is accessed over terminal and that IP entry is not
> > listed in the routing table.
> > NO offence intended :-)
> > 
> > Regards,
> > Mohammed Athif Khaleel
> > Asst.Network Engineer
> > AlFaisaliah Group Information Technology
> > Tel.: +966-1-461-0077 x.209
> > Moble.: +966-509774015
> > Email: mathif@xxxxxxxxxxxxxxx
> > "Save Internet, Keep all the systems patched"
> > Web: http://alfaisaliah.com <http://alfaisaliah.com/>
> > 
> > -----Original Message-----
> > From: Steve Moffat [mailto:steve@xxxxxxxxxxxxxxxxxxxxxxxxxx]
> > Sent: Friday, 28 May 2004 11:40 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Getting 15105 and 15108
> > 
> > 
> > http://www.ISAserver.org
> > 
> > turn off the alerts..
> > 
> > Steve
> > 
> >   _____
> > 
> > From: Hamilton, Calvin [mailto:Calvin.Hamilton@xxxxxxxxxxxxxx]
> > Sent: Friday, May 28, 2004 4:25 PM
> > To: Isa Weblist
> > Subject: [isalist] Getting 15105 and 15108
> > 
> > 
> > http://www.ISAserver.org
> > 
> > 
> > What can I do to prevent or manage these events
> > 
> > 15105 is ISA Server detected an all port scan attack from 
> > Internet Protocol
> > (IP) address 209.217.88.172
> > 
> > 15108 is ISA Server detected a spoof attack from Internet 
> > Protocol (IP)
> > address 65.116.240.1
> > 
> > 
> > 
> > 
> > 
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > World of Windows Networking: 
> http://www.windowsnetworking.com Leading
> > Network Software Directory: http://www.serverfiles.com No.1 
> > Exchange Server
> > Resource Site: http://www.msexchange.org Windows Security 
> > Resource Site:
> > http://www.windowsecurity.com/ Network Security Library:
> > http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> > http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org 
> Discussion List as:
> > jim@xxxxxxxxxxxx To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > 
> > 
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > World of Windows Networking: 
> http://www.windowsnetworking.com Leading
> > Network Software Directory: http://www.serverfiles.com No.1 
> > Exchange Server
> > Resource Site: http://www.msexchange.org Windows Security 
> > Resource Site:
> > http://www.windowsecurity.com/ Network Security Library:
> > http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> > http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org 
> Discussion List as:
> > tradtke@xxxxxxxxxxxx To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > 
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > World of Windows Networking: http://www.windowsnetworking.com
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion 
> > List as: jim@xxxxxxxxxxxx
> > To unsubscribe visit 
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > 
> > 
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > World of Windows Networking: http://www.windowsnetworking.com
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion 
> > List as: anthonym@xxxxxxxxxxxxxx
> > To unsubscribe visit 
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: jim@xxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: anthonym@xxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
>
RE: Getting 15105 and 15108

Other related posts:
