Re: ISA Server detected a spoof attack

  • From: "cismic" <cismic@xxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Fri, 16 Jan 2004 14:55:17 -0800

Duh, what dood you mead?
You taying me pud SUS in DMZ and pudish it from ISA?

----- Original Message ----- 
From: "Jim Harrison" <jim@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Friday, January 16, 2004 7:27 AM
Subject: [isalist] Re: ISA Server detected a spoof attack


> http://www.ISAserver.org
>
> As my dear departed Mama used to say, "better a smartass than a dumbass..."
>
> Regarding your SUS deployment, my question is "why?"
> If a DMZ host needs to get to it, web-publish it to the DMZ.
>
>  Jim Harrison
>  MCP(NT4, W2K), A+, Network+, PCG
>  http://www.microsoft.com/isaserver
>  http://isaserver.org/Jim_Harrison
>  http://isatools.org
>
>  Read the help, books and articles!
> ----- Original Message ----- 
> From: "cismic" <cismic@xxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Thursday, January 15, 2004 10:40
> Subject: [isalist] Re: ISA Server detected a spoof attack
>
>
> Hi Jim,
> Nope, my mother only raised thoroughbreds! lol
>
> Anyway, hey, I've finally got, well, at least most of my new machines in
> place.  I've been replacing old boxes with new ones and of course that
> means installing software all over again.
>
> I run a back to back setup and am wondering if it is a good idea to place
> the SUS machine in the DMZ.
>
> Thank you,
>
> Joseph
> ----- Original Message ----- 
> From: "Jim Harrison" <jim@xxxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Wednesday, January 14, 2004 1:58 PM
> Subject: [isalist] Re: ISA Server detected a spoof attack
>
>
> > Smartass...
> > ;-)
> >
> > I have that little toy.  I even had one for my old PalmIII until it
> > finally died and forced me to buy a Toshiba e750.
> > Of course, there's a difference between having and using.
> > It was one of those times when you look and say "I know what that is"
> > and get proven painfully wrong.
> >
> >  Jim Harrison
> >  MCP(NT4, W2K), A+, Network+, PCG
> >  http://www.microsoft.com/isaserver
> >  http://isaserver.org/Jim_Harrison
> >  http://isatools.org
> >
> >  Read the help, books and articles!
> > ----- Original Message ----- 
> > From: "cismic" <cismic@xxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Wednesday, January 14, 2004 13:21
> > Subject: [isalist] Re: ISA Server detected a spoof attack
> >
> >
> > Hi Jim,
> >
> > Solar winds has a free subnet calculator.
> > http://www.purenetworking.net/Products/SolarWinds/SolarWindsSE.htm
> >
> > Joseph
> > ----- Original Message ----- 
> > From: "Jim Harrison" <jim@xxxxxxxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Wednesday, January 14, 2004 1:14 PM
> > Subject: [isalist] Re: ISA Server detected a spoof attack
> >
> >
> > > Don't feel bad; I had to eat a basic subnet miscalculation not too
> > > long ago...
> > >
> > >  Jim Harrison
> > >  MCP(NT4, W2K), A+, Network+, PCG
> > >  http://www.microsoft.com/isaserver
> > >  http://isaserver.org/Jim_Harrison
> > >  http://isatools.org
> > >
> > >  Read the help, books and articles!
> > > ----- Original Message ----- 
> > > From: "Dan Bartley" <bartleyd@xxxxxxxxxxxxxxxxxxx>
> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > > Sent: Wednesday, January 14, 2004 13:02
> > > Subject: [isalist] Re: ISA Server detected a spoof attack
> > >
> > >
> > > Yep, you're right. I transposed DNS and Default Gateway when I looked
> > > at them.
> > >
> > > Best Regards,
> > >
> > > Dan Bartley
> > >
> > > -----Original Message-----
> > > From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
> > > Sent: Wednesday, January 14, 2004 15:45
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] Re: ISA Server detected a spoof attack
> > >
> > > Actually, that's not the case.
> > >
> > > internal     = 172.16.10/24
> > > external    = 172.16.2/24
> > > Cisco       = 172.16.10.168
> > >
> > > The log data states that the packet was sent from the Cisco to the ISA
> > > "external" NIC.
> > > 172.16.10.168, 172.16.2.9, ICMP, 8, 0, -, BLOCKED,172.16.2.9
> > >
> > > According to the IP assignments, the Cisco is "internal", but the
> > > packet was received on the ISA external interface according to the
> > > log entry.  That's why I suggested a misplaced cable or broken VLAN.
> > >
> > >  Jim Harrison
> > >  MCP(NT4, W2K), A+, Network+, PCG
> > >  http://www.microsoft.com/isaserver
> > >  http://isaserver.org/Jim_Harrison
> > >  http://isatools.org
> > >
> > >  Read the help, books and articles!
> > > ----- Original Message ----- 
> > > From: "Dan Bartley" <bartleyd@xxxxxxxxxxxxxxxxxxx>
> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > > Sent: Wednesday, January 14, 2004 12:20
> > > Subject: [isalist] Re: ISA Server detected a spoof attack
> > >
> > >
> > > Not necessarily. Is the Cisco on the same private subnet as the
> > > external NIC of ISA, and is that different from the private subnet
> > > being used by the internal ISA NIC?
> > >
> > > Could be set up as a second level defense behind the Cisco and a
> > > firewall. That would allow for a private IP on the external NIC.
> > >
> > > What I see below from his ipconfig/all seems to indicate that is the
> > > case.
> > >
> > > Best Regards,
> > >
> > > Dan Bartley
> > >
> > > -----Original Message-----
> > > From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
> > > Sent: Wednesday, January 14, 2004 15:16
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] Re: ISA Server detected a spoof attack
> > >
> > > The fact that ISA is receiving traffic from an internal IP on the
> > > external NIC seems to hint that you have a cable misplaced or a
> > > VLAN is broken.
> > >
> > >  Jim Harrison
> > >  MCP(NT4, W2K), A+, Network+, PCG
> > >  http://www.microsoft.com/isaserver
> > >  http://isaserver.org/Jim_Harrison
> > >  http://isatools.org
> > >
> > >  Read the help, books and articles!
> > > ----- Original Message ----- 
> > > From: "Eric Poole" <EPoole@xxxxxxxxxxxxxxxxxxxx>
> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > > Sent: Wednesday, January 14, 2004 11:53
> > > Subject: [isalist] Re: ISA Server detected a spoof attack
> > >
> > >
> > > ISA's internal is on the .10 subnet just like the cisco box.  ISA's
> > > external is on the .2 subnet.  The external (2.9) is on a
> > > separate vlan, so it's virtually external.
> > > "Ethernet adapter Intranet:
> > >   Connection-specific DNS Suffix  . :
> > >         Description . . . . . . . . . . . : HPNC7781 Gigabit Server Adapter
> > >         Physical Address. . . . . . . . . : 00-0B-CD-82-2A-45
> > >         DHCP Enabled. . . . . . . . . . . : No
> > >         IP Address. . . . . . . . . . . . : 172.16.10.110
> > >         Subnet Mask . . . . . . . . . . . : 255.255.255.0
> > >         Default Gateway . . . . . . . . . :
> > >         DNS Servers . . . . . . . . . . . : 172.16.10.41
> > >                                             172.18.52.41
> > >         Primary WINS Server . . . . . . . : 172.16.10.41
> > >         Secondary WINS Server . . . . . . : 172.16.11.41
> > >
> > > Ethernet adapter Extranet:
> > >   Connection-specific DNS Suffix  . :
> > >         Description . . . . . . . . . . . : HPNC7781 Gigabit Server Adapter2
> > >         Physical Address. . . . . . . . . : 00-0B-CD-82-2A-6A
> > >         DHCP Enabled. . . . . . . . . . . : No
> > >         IP Address. . . . . . . . . . . . : 172.16.2.9
> > >         Subnet Mask . . . . . . . . . . . : 255.255.255.0
> > >         Default Gateway . . . . . . . . . : 172.16.2.20
> > >         DNS Servers . . . . . . . . . . . :
> > >         NetBIOS over Tcpip. . . . . . . . : Disabled"
> > >
> > >
> > > _______________________________________________
> > > Eric Poole
> > > IS Security Analyst
> > > Community Medical Centers
> > > 1140 "T" Street, Fresno, California 93721
> > > 559-459-6784 (phone) 559-459-2045 (fax)
> > >
> > >
> > > -----Original Message-----
> > > From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
> > > Sent: Wednesday, January 14, 2004 11:33 AM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] Re: ISA Server detected a spoof attack
> > >
> > > What does the ISA "ipconfig/all" produce?
> > > It sounds like ISA doesn't really agree with you about what's
> > > internal.
> > >
> > >
> > >  Jim Harrison
> > >  MCP(NT4, W2K), A+, Network+, PCG
> > >  http://www.microsoft.com/isaserver
> > >  http://isaserver.org/Jim_Harrison
> > >  http://isatools.org
> > >
> > >  Read the help, books and articles!
> > > ----- Original Message ----- 
> > > From: "Eric Poole" <EPoole@xxxxxxxxxxxxxxxxxxxx>
> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > > Sent: Wednesday, January 14, 2004 10:32
> > > Subject: [isalist] ISA Server detected a spoof attack
> > >
> > >
> > > I'm getting these about every half hour from our internal Cisco Works
> > > box (172.16.10.168).  The 2.9 address is the ISA external NIC
> > > that is routed through our PIX.  Any ideas?
> > >
> > > "ISA Server detected a spoof attack from Internet Protocol (IP)
> > > address 172.16.10.168. A spoof attack occurs when an IP address that
> > > is not reachable via the interface on which the packet was received.
> > > If logging for dropped packets is set, you can view details in
> > > the packet filter log."
> > >
> > > Here's a sample from the packet filter log.
> > >
> > > "1/13/2004, 20:43:17, 172.16.10.168, 172.16.2.9, ICMP, 8, 0, -, BLOCKED, 172.16.2.9, 45 00 00 3c 20 74 00 00 7f 01 b6 7b ac 10 0a a8 ac 10 02 09, 08 00 a1 b6 04 00 77 6e ad ad ad ad ad ad ad ad ad ..."
> > >
> > > _______________________________________________
> > > Eric Poole
> > > IS Security Analyst
> > > Community Medical Centers
> > > 1140 "T" Street, Fresno, California 93721
> > > 559-459-6784 (phone) 559-459-2045 (fax)
> > >
> > > ------------------------------------------------------
> > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > ------------------------------------------------------
> > > Other Internet Software Marketing Sites:
> > > Leading Network Software Directory: http://www.serverfiles.com
> > > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > > Windows Security Resource Site: http://www.windowsecurity.com/
> > > Network Security Library: http://www.secinf.net/
> > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion List as:
> > > jim@xxxxxxxxxxxx
> > > To unsubscribe send a blank email to $subst('Email.Unsub')
>
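
Added example, not part of the original thread or of ISA Server: a small Python script that decodes the IP header from the packet filter log entry quoted above and applies the reachability test the alert text describes, using the two adapters from the posted ipconfig /all output. It assumes, following Jim Harrison's reading, that the address after the action column names the receiving adapter, and it models reachability as "connected network, else default route", which is a simplification of whatever ISA does internally.

```python
import ipaddress
import struct

# Packet filter log entry quoted in the thread, cut after the 20-byte IP
# header (the ICMP payload is truncated on the page and is not needed).
LOG_LINE = (
    "1/13/2004, 20:43:17, 172.16.10.168, 172.16.2.9, ICMP, 8, 0, -, BLOCKED, "
    "172.16.2.9, 45 00 00 3c 20 74 00 00 7f 01 b6 7b ac 10 0a a8 ac 10 02 09"
)

# Adapters from the ipconfig /all output in the thread.
INTERFACES = {
    "Intranet": ipaddress.ip_interface("172.16.10.110/255.255.255.0"),
    "Extranet": ipaddress.ip_interface("172.16.2.9/255.255.255.0"),
}
DEFAULT_ROUTE_IF = "Extranet"  # only adapter with a default gateway (172.16.2.20)


def decode_ipv4_header(raw):
    """Decode the fixed IPv4 header fields and verify the header checksum."""
    if len(raw) < 20 or raw[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    hlen = (raw[0] & 0x0F) * 4
    if hlen < 20 or len(raw) < hlen:
        raise ValueError("truncated IPv4 header")
    _, _, total_len, _, _, ttl, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", raw[:20])
    total = sum(struct.unpack("!%dH" % (hlen // 2), raw[:hlen]))
    while total >> 16:  # fold carries (one's complement sum)
        total = (total & 0xFFFF) + (total >> 16)
    return {
        "src": str(ipaddress.ip_address(src)),
        "dst": str(ipaddress.ip_address(dst)),
        "ttl": ttl, "proto": proto, "total_len": total_len,
        "checksum_ok": total == 0xFFFF,
    }


def expected_interface(addr):
    """Adapter through which addr is reachable: connected network, else default route."""
    ip = ipaddress.ip_address(addr)
    for name, iface in INTERFACES.items():
        if ip in iface.network:
            return name
    return DEFAULT_ROUTE_IF


def analyse(line):
    """Return the decoded header plus the reachability verdict for one log entry."""
    fields = [f.strip() for f in line.split(",")]
    hdr = decode_ipv4_header(bytes.fromhex(fields[10]))
    # Assumption (Jim Harrison's reading in the thread): the address after the
    # action column is the adapter that received the packet.
    rx = next((n for n, i in INTERFACES.items() if str(i.ip) == fields[9]), None)
    hdr.update(
        logged_src_matches=(fields[2] == hdr["src"]),
        action=fields[8],
        received_on=rx,
        expected_on=expected_interface(hdr["src"]),
    )
    hdr["spoof"] = rx is not None and hdr["expected_on"] != rx
    return hdr


if __name__ == "__main__":
    for key, value in analyse(LOG_LINE).items():
        print(f"{key:20} {value}")
```

The verdict matches the alert: the source belongs to the Intranet network while the entry names the Extranet adapter. The decoded TTL can be compared with the sender's initial TTL to tell whether the packet was routed onto the external segment or arrived there directly.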

