Re: ISA 2004 PPTP VPN--Multiple Client Connections

  • From: "Ball, Dan" <DBall@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Fri, 7 Oct 2005 21:57:19 -0400

Were you caught in a "compromising position" with his box?

-----Original Message-----
From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] 
Sent: Friday, October 07, 2005 9:02 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections

http://www.ISAserver.org

I don't think Jim in comfortable talking about how I compromised his
box.

t

----- Original Message ----- 
From: "Steve Moffat" <steve@xxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Friday, October 07, 2005 5:51 PM
Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections


> http://www.ISAserver.org
>
> You've been compromised by him then??
>
> rofl
>
> -----Original Message-----
> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
> Sent: Friday, October 07, 2005 9:41 PM
> To: ISA Mailing List
> Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections
>
> http://www.ISAserver.org
>
> True - if Timmy touches it, it's compromised...
> :-)
>
> -------------------------------------------------------
>   Jim Harrison
>   MCP(NT4, W2K), A+, Network+, PCG
>   http://isaserver.org/Jim_Harrison/
>   http://isatools.org
>   Read the help / books / articles!
> -------------------------------------------------------
>
>
> -----Original Message-----
> From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> Sent: Friday, October 07, 2005 17:28
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections
>
> http://www.ISAserver.org
>
> I guess it all comes down to what you call "compromised" and what you
> call "correctly configured."  I have most certainly "compromised" an
ISA
> server which was "correctly configured."  It just wasn't "remote." ;)
>
> t
>
> ----- Original Message ----- 
> From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Thursday, October 06, 2005 7:09 PM
> Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections
>
>
> http://www.ISAserver.org
>
> What Jim meant to say "There is no record of a correctly configured
ISA
> firewall being compromised", so that would leave yours out. :P
>
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://spaces.msn.com/members/drisa/
> Book: http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
>
>
>
>> -----Original Message-----
>> From: Steve Moffat [mailto:steve@xxxxxxxxxx]
>> Sent: Thursday, October 06, 2005 9:03 PM
>> To: [ISAserver.org Discussion List]
>> Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections
>>
>> http://www.ISAserver.org
>>
>> There ya go...the first on the record...recorded instance of an
>> exploited ISA installation.
>>
>> -----Original Message-----
>> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
>> Sent: Thursday, October 06, 2005 10:47 PM
>> To: ISA Mailing List
>> Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections
>>
>> http://www.ISAserver.org
>>
>> Ooh, baby, ooh...
>> Anything in particular, or just me alone with some soft, warm
packets?
>>
>> -----Original Message-----
>> From: Steve Moffat [mailto:steve@xxxxxxxxxx]
>> Sent: Thursday, October 06, 2005 6:29 PM
>> To: [ISAserver.org Discussion List]
>> Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections
>>
>> http://www.ISAserver.org
>>
>> Psssstt....wanna spend some time with my ISA?
>>
>>
>>
>>
>> -----Original Message-----
>> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
>> Sent: Thursday, October 06, 2005 9:39 PM
>> To: ISA Mailing List
>> Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections
>>
>> http://www.ISAserver.org
>>
>> ..and let's not forget my favorite (true) statement:
>> "There is not one single instance (reported or otherwise) of an ISA
>> server being exploited."
>>
>> Literally none of the other "offerings" (snickerchortlechuckleGUFFAW)
>> can claim anything even remotely like that without fear of an
untimely
>> lightning strike.
>>
>> -----Original Message-----
>> From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
>> Sent: Thursday, October 06, 2005 5:30 PM
>> To: [ISAserver.org Discussion List]
>> Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client Connections
>>
>> http://www.ISAserver.org
>>
>> Ha! Real firewall? Cisco ? Netscreen? Don't swallow that cool aid.
>> Remember, there are plenty of Russian dudes who have the Cisco source
>> code, so you'll never know what hit you with Cisco. Netscreen is
fast,
>> but not smart (historically).
>>
>> ISA is EAL4+ certified. The carnard that ISA's not a real firewall is
>> now only of historical (and hysterical) import.
>>
>> Tom
>>
>> Thomas W Shinder, M.D.
>> Site: www.isaserver.org
>> Blog: http://spaces.msn.com/members/drisa/
>> Book: http://tinyurl.com/3xqb7
>> MVP -- ISA Firewalls
>>
>>
>>
>> > -----Original Message-----
>> > From: barrett [mailto:barrett.mcguire@xxxxxxxxxxxx]
>> > Sent: Thursday, October 06, 2005 7:14 PM
>> > To: [ISAserver.org Discussion List]
>> > Subject: [isalist] Re: ISA 2004 PPTP VPN--Multiple Client
>> Connections
>> >
>> > http://www.ISAserver.org
>> >
>> > True, but if I were to spend the money on a real router (Cisco,
>> > Juniper), I would also buy a real firewall :) at the same
>> time. Alas,
>> > money is a determining factor and ISA is fun to use.
>> >
>> > ------------------------------------------------------
>> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
>> > ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
>> > ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
>> > ------------------------------------------------------
>> > Visit TechGenix.com for more information about our other sites:
>> > http://www.techgenix.com
>> > ------------------------------------------------------
>> > You are currently subscribed to this ISAserver.org
>> Discussion List as:
>>
>> > tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit
>> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
>> > Report abuse to listadmin@xxxxxxxxxxxxx
>> >
>> >
>>
>> ------------------------------------------------------
>> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
>> ------------------------------------------------------
>> Visit TechGenix.com for more information about our other sites:
>> http://www.techgenix.com
>> ------------------------------------------------------
>> You are currently subscribed to this ISAserver.org Discussion List
as:
>> jim@xxxxxxxxxxxx
>> To unsubscribe visit
>> http://www.webelists.com/cgi/lyris.pl?enter=isalist
>> Report abuse to listadmin@xxxxxxxxxxxxx
>>
>> All mail to and from this domain is GFI-scanned.
>>
>>
>> ------------------------------------------------------
>> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
>> ------------------------------------------------------
>> Visit TechGenix.com for more information about our other sites:
>> http://www.techgenix.com
>> ------------------------------------------------------
>> You are currently subscribed to this ISAserver.org Discussion List
as:
>> isalist@xxxxxxxxxx To unsubscribe visit
>> http://www.webelists.com/cgi/lyris.pl?enter=isalist
>> Report abuse to listadmin@xxxxxxxxxxxxx
>>
>> The correct technical term for haggis stalking is "havering".
>>
>>
>> ------------------------------------------------------
>> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
>> ------------------------------------------------------
>> Visit TechGenix.com for more information about our other sites:
>> http://www.techgenix.com
>> ------------------------------------------------------
>> You are currently subscribed to this ISAserver.org Discussion List
as:
>> jim@xxxxxxxxxxxx
>> To unsubscribe visit
>> http://www.webelists.com/cgi/lyris.pl?enter=isalist
>> Report abuse to listadmin@xxxxxxxxxxxxx
>>
>> All mail to and from this domain is GFI-scanned.
>>
>>
>> ------------------------------------------------------
>> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
>> ------------------------------------------------------
>> Visit TechGenix.com for more information about our other sites:
>> http://www.techgenix.com
>> ------------------------------------------------------
>> You are currently subscribed to this ISAserver.org Discussion List
as:
>> isalist@xxxxxxxxxx To unsubscribe visit
>> http://www.webelists.com/cgi/lyris.pl?enter=isalist
>> Report abuse to listadmin@xxxxxxxxxxxxx
>>
>> The correct technical term for haggis stalking is "havering".
>>
>>
>> ------------------------------------------------------
>> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
>> ------------------------------------------------------
>> Visit TechGenix.com for more information about our other sites:
>> http://www.techgenix.com
>> ------------------------------------------------------
>> You are currently subscribed to this ISAserver.org Discussion
>> List as: tshinder@xxxxxxxxxxxxxxxxxx
>> To unsubscribe visit
>> http://www.webelists.com/cgi/lyris.pl?enter=isalist
>> Report abuse to listadmin@xxxxxxxxxxxxx
>>
>>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> thor@xxxxxxxxxxxxxxx
> To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx
> To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> All mail to and from this domain is GFI-scanned.
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> isalist@xxxxxxxxxx
> To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> The correct technical term for haggis stalking is "havering".
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:

> thor@xxxxxxxxxxxxxxx
> To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> 


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
dball@xxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 10-2005