RE: IP SCAN
- From: "Mark Hippenstiel" <mark@xxxxxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 23 May 2002 15:19:23 +0200
Yeah, only as long as the IP isn't spoofed, that is. I've had this a
couple of times and didn't know what to do then. Anybody knows if ISA is
capable of logging the MAC address?
Mark
-----Original Message-----
From: Bruno ROUY [mailto:bruno.rouy@xxxxxxxx]
Sent: Thursday, May 23, 2002 2:53 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: IP SCAN
http://www.ISAserver.org
ONLY..... YESSSSSSSS !
but you can trace who scan your ports
-----Message d'origine-----
De : Alex Decarli [mailto:decarli@xxxxxxxxxxxxx]
Envoyé : jeudi 23 mai 2002 14:14
À : [ISAserver.org Discussion List]
Objet : [isalist] IP SCAN
http://www.ISAserver.org
Hi folks,
I've received the following message: "ISA Server detected an all port
scan attack from Internet Protocol (IP) address xxx.xxx.xxx.xxx"
i've registered in IP...log several connections of this ip on port 80
(http)
is this a port scan attack ?
When I do a manual port scan , isa server says "ISA Server detected a
well-known port scan attack from Internet Protocol (IP) address
xxx.xxx.xxx.xxx. A well-known port is any port in the range of 1-2048.
For more information about this event, see ISA Server Help.
Any idea ?
Alex Decarli
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
bruno.rouy@xxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
mark@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
