RE: Port Attack
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Sun, 23 Mar 2003 22:31:34 -0600
Hi Pai,
I'd check the packet filter log to determine the nature of the attack.
Sometimes its false positive and sometimes its something worth worrying
about. Determine who's doing the scanning and then assess whether
they've done something similar in the past. Unless it's a repeat
offender, its probably not worth worrying about.
HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: jagadish.pai@xxxxxxxxxxxxxxxxxxx
[mailto:jagadish.pai@xxxxxxxxxxxxxxxxxxx]
Sent: Sunday, March 23, 2003 10:12 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Port Attack
http://www.ISAserver.org
Hi
Can somebody explain will there be any problem for the following:-- How
do
i protect my system being attacked.
ISA Server detected an Internet Protocol (IP) half-scan attack from IP
address 202.118.162.44.
ISA Server detected an all port scan attack from Internet Protocol (IP)
address 61.241.82.53.
Regards
Pai
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
