Not I. I took all the credit! <grin> Jim Harrison who is that, George's brother? I'm just glad I'm home for a couple of weeks. Now to get some of my own processes done! Joseph -----Original Message----- From: Quillman Shawn (RBNA/CIT1.1) * [mailto:Shawn.Quillman@xxxxxxxxxxxx] Sent: Thursday, August 14, 2003 4:56 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: MS-Blast scripts http://www.ISAserver.org Dude, I passed your detect script around to various folks on Tuesday. They now think I am the MAN! I, of course, gave you all the credit. (really, I did!) Shows you what you can achieve in people's eyes by being active on this list! "Wow, Shawn really knows his stuff. He can solve anything." It ain't WHAT you know... :) -Shawn ----- Shawn R. Quillman Robert Bosch Corporation RBNA/CIT1.1 38000 Hills Tech Drive Farmington Hills, MI 48331 (248) 553-1164 (P) (248) 848-2855 (F) shawn.quillman@xxxxxxxxxxxx -----Original Message----- From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] Sent: Thursday, August 14, 2003 2:02 AM To: [ISAserver.org Discussion List] Subject: [isalist] MS-Blast scripts http://www.ISAserver.org OK; I finally finished them: http://isatools.org/msblast.zip It contains two scripts: - block_msblast.vbs; this will prevent an internal infection from spreading outside your walls it likes all Enterprise variations and Standalone environments equally - fix_msblast.vbs; this will remove the little bugger and even validate your hotfix instalation (in the registry, anyway) .take a look at the logic for the blocker script; you'll understand why scripting rules for Enterprise environments can get so hairy. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver http://isaserver.org/Jim_Harrison http://isatools.org Read the help, books and articles! ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: shawn.quillman@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: cismic@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')