Were you caught in a "compromising position" with his box? -----Original Message----- From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] Sent: Friday, October 07, 2005 9:02 PM To: [ISAserver.org Discussion List] Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections http://www.ISAserver.org I don't think Jim in comfortable talking about how I compromised his box. t ----- Original Message ----- From: "Steve Moffat" <steve@xxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Friday, October 07, 2005 5:51 PM Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections > http://www.ISAserver.org > > You've been compromised by him then?? > > rofl > > -----Original Message----- > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] > Sent: Friday, October 07, 2005 9:41 PM > To: ISA Mailing List > Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections > > http://www.ISAserver.org > > True - if Timmy touches it, it's compromised... > :-) > > ------------------------------------------------------- > Jim Harrison > MCP(NT4, W2K), A+, Network+, PCG > http://isaserver.org/Jim_Harrison/ > http://isatools.org > Read the help / books / articles! > ------------------------------------------------------- > > > -----Original Message----- > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] > Sent: Friday, October 07, 2005 17:28 > To: [ISAserver.org Discussion List] > Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections > > http://www.ISAserver.org > > I guess it all comes down to what you call "compromised" and what you > call "correctly configured." I have most certainly "compromised" an ISA > server which was "correctly configured." It just wasn't "remote." ;) > > t > > ----- Original Message ----- > From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > Sent: Thursday, October 06, 2005 7:09 PM > Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections > > > http://www.ISAserver.org > > What Jim meant to say "There is no record of a correctly configured ISA > firewall being compromised", so that would leave yours out. :P > > Thomas W Shinder, M.D. > Site: www.isaserver.org > Blog: http://spaces.msn.com/members/drisa/ > Book: http://tinyurl.com/3xqb7 > MVP -- ISA Firewalls > > > >> -----Original Message----- >> From: Steve Moffat [mailto:steve@xxxxxxxxxx] >> Sent: Thursday, October 06, 2005 9:03 PM >> To: [ISAserver.org Discussion List] >> Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections >> >> http://www.ISAserver.org >> >> There ya go...the first on the record...recorded instance of an >> exploited ISA installation. >> >> -----Original Message----- >> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] >> Sent: Thursday, October 06, 2005 10:47 PM >> To: ISA Mailing List >> Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections >> >> http://www.ISAserver.org >> >> Ooh, baby, ooh... >> Anything in particular, or just me alone with some soft, warm packets? >> >> -----Original Message----- >> From: Steve Moffat [mailto:steve@xxxxxxxxxx] >> Sent: Thursday, October 06, 2005 6:29 PM >> To: [ISAserver.org Discussion List] >> Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections >> >> http://www.ISAserver.org >> >> Psssstt....wanna spend some time with my ISA? >> >> >> >> >> -----Original Message----- >> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] >> Sent: Thursday, October 06, 2005 9:39 PM >> To: ISA Mailing List >> Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections >> >> http://www.ISAserver.org >> >> ..and let's not forget my favorite (true) statement: >> "There is not one single instance (reported or otherwise) of an ISA >> server being exploited." >> >> Literally none of the other "offerings" (snickerchortlechuckleGUFFAW) >> can claim anything even remotely like that without fear of an untimely >> lightning strike. >> >> -----Original Message----- >> From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] >> Sent: Thursday, October 06, 2005 5:30 PM >> To: [ISAserver.org Discussion List] >> Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections >> >> http://www.ISAserver.org >> >> Ha! Real firewall? Cisco ? Netscreen? Don't swallow that cool aid. >> Remember, there are plenty of Russian dudes who have the Cisco source >> code, so you'll never know what hit you with Cisco. Netscreen is fast, >> but not smart (historically). >> >> ISA is EAL4+ certified. The carnard that ISA's not a real firewall is >> now only of historical (and hysterical) import. >> >> Tom >> >> Thomas W Shinder, M.D. >> Site: www.isaserver.org >> Blog: http://spaces.msn.com/members/drisa/ >> Book: http://tinyurl.com/3xqb7 >> MVP -- ISA Firewalls >> >> >> >> > -----Original Message----- >> > From: barrett [mailto:barrett.mcguire@xxxxxxxxxxxx] >> > Sent: Thursday, October 06, 2005 7:14 PM >> > To: [ISAserver.org Discussion List] >> > Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client >> Connections >> > >> > http://www.ISAserver.org >> > >> > True, but if I were to spend the money on a real router (Cisco, >> > Juniper), I would also buy a real firewall :) at the same >> time. Alas, >> > money is a determining factor and ISA is fun to use. >> > >> > ------------------------------------------------------ >> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist >> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ >> > ------------------------------------------------------ >> > Visit TechGenix.com for more information about our other sites: >> > http://www.techgenix.com >> > ------------------------------------------------------ >> > You are currently subscribed to this ISAserver.org >> Discussion List as: >> >> > tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit >> > http://www.webelists.com/cgi/lyris.pl?enter=isalist >> > Report abuse to listadmin@xxxxxxxxxxxxx >> > >> > >> >> ------------------------------------------------------ >> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist >> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ >> ------------------------------------------------------ >> Visit TechGenix.com for more information about our other sites: >> http://www.techgenix.com >> ------------------------------------------------------ >> You are currently subscribed to this ISAserver.org Discussion List as: >> jim@xxxxxxxxxxxx >> To unsubscribe visit >> http://www.webelists.com/cgi/lyris.pl?enter=isalist >> Report abuse to listadmin@xxxxxxxxxxxxx >> >> All mail to and from this domain is GFI-scanned. >> >> >> ------------------------------------------------------ >> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist >> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ >> ------------------------------------------------------ >> Visit TechGenix.com for more information about our other sites: >> http://www.techgenix.com >> ------------------------------------------------------ >> You are currently subscribed to this ISAserver.org Discussion List as: >> isalist@xxxxxxxxxx To unsubscribe visit >> http://www.webelists.com/cgi/lyris.pl?enter=isalist >> Report abuse to listadmin@xxxxxxxxxxxxx >> >> The correct technical term for haggis stalking is "havering". >> >> >> ------------------------------------------------------ >> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist >> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ >> ------------------------------------------------------ >> Visit TechGenix.com for more information about our other sites: >> http://www.techgenix.com >> ------------------------------------------------------ >> You are currently subscribed to this ISAserver.org Discussion List as: >> jim@xxxxxxxxxxxx >> To unsubscribe visit >> http://www.webelists.com/cgi/lyris.pl?enter=isalist >> Report abuse to listadmin@xxxxxxxxxxxxx >> >> All mail to and from this domain is GFI-scanned. >> >> >> ------------------------------------------------------ >> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist >> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ >> ------------------------------------------------------ >> Visit TechGenix.com for more information about our other sites: >> http://www.techgenix.com >> ------------------------------------------------------ >> You are currently subscribed to this ISAserver.org Discussion List as: >> isalist@xxxxxxxxxx To unsubscribe visit >> http://www.webelists.com/cgi/lyris.pl?enter=isalist >> Report abuse to listadmin@xxxxxxxxxxxxx >> >> The correct technical term for haggis stalking is "havering". >> >> >> ------------------------------------------------------ >> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist >> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ >> ------------------------------------------------------ >> Visit TechGenix.com for more information about our other sites: >> http://www.techgenix.com >> ------------------------------------------------------ >> You are currently subscribed to this ISAserver.org Discussion >> List as: tshinder@xxxxxxxxxxxxxxxxxx >> To unsubscribe visit >> http://www.webelists.com/cgi/lyris.pl?enter=isalist >> Report abuse to listadmin@xxxxxxxxxxxxx >> >> > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > thor@xxxxxxxxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > jim@xxxxxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > All mail to and from this domain is GFI-scanned. > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > isalist@xxxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > The correct technical term for haggis stalking is "havering". > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > thor@xxxxxxxxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: dball@xxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx