I don't think Jim in comfortable talking about how I compromised his box.
t
http://www.ISAserver.org
You've been compromised by him then??
rofl
-----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Friday, October 07, 2005 9:41 PM To: ISA Mailing List Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections
http://www.ISAserver.org
True - if Timmy touches it, it's compromised... :-)
------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! -------------------------------------------------------
-----Original Message----- From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] Sent: Friday, October 07, 2005 17:28 To: [ISAserver.org Discussion List] Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections
http://www.ISAserver.org
I guess it all comes down to what you call "compromised" and what you call "correctly configured." I have most certainly "compromised" an ISA server which was "correctly configured." It just wasn't "remote." ;)
t
----- Original Message ----- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Thursday, October 06, 2005 7:09 PM
Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections
http://www.ISAserver.org
What Jim meant to say "There is no record of a correctly configured ISA firewall being compromised", so that would leave yours out. :P
Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls
-----Original Message----- From: Steve Moffat [mailto:steve@xxxxxxxxxx] Sent: Thursday, October 06, 2005 9:03 PM To: [ISAserver.org Discussion List] Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections
http://www.ISAserver.org
There ya go...the first on the record...recorded instance of an exploited ISA installation.
-----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Thursday, October 06, 2005 10:47 PM To: ISA Mailing List Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections
http://www.ISAserver.org
Ooh, baby, ooh... Anything in particular, or just me alone with some soft, warm packets?
-----Original Message----- From: Steve Moffat [mailto:steve@xxxxxxxxxx] Sent: Thursday, October 06, 2005 6:29 PM To: [ISAserver.org Discussion List] Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections
http://www.ISAserver.org
Psssstt....wanna spend some time with my ISA?
-----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Thursday, October 06, 2005 9:39 PM To: ISA Mailing List Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections
http://www.ISAserver.org
..and let's not forget my favorite (true) statement: "There is not one single instance (reported or otherwise) of an ISA server being exploited."
Literally none of the other "offerings" (snickerchortlechuckleGUFFAW) can claim anything even remotely like that without fear of an untimely lightning strike.
-----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Thursday, October 06, 2005 5:30 PM To: [ISAserver.org Discussion List] Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections
http://www.ISAserver.org
Ha! Real firewall? Cisco ? Netscreen? Don't swallow that cool aid. Remember, there are plenty of Russian dudes who have the Cisco source code, so you'll never know what hit you with Cisco. Netscreen is fast, but not smart (historically).
ISA is EAL4+ certified. The carnard that ISA's not a real firewall is now only of historical (and hysterical) import.
Tom
Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls
> -----Original Message----- > From: barrett [mailto:barrett.mcguire@xxxxxxxxxxxx] > Sent: Thursday, October 06, 2005 7:14 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections > > http://www.ISAserver.org > > True, but if I were to spend the money on a real router (Cisco, > Juniper), I would also buy a real firewall :) at the same time. Alas, > money is a determining factor and ISA is fun to use. > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as:
> tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > >
------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: isalist@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx
The correct technical term for haggis stalking is "havering".
------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: isalist@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx
The correct technical term for haggis stalking is "havering".
------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: thor@xxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: isalist@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx
The correct technical term for haggis stalking is "havering".
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: thor@xxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx