Thanks again. You been GREAT Dan! :) ptl -----Original Message----- From: Ball, Dan [mailto:DBall@xxxxxxxxxxx] Sent: Wednesday, March 16, 2005 3:12 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Port Scans http://www.ISAserver.org Personally, I would ignore it. You can't block every external IP that tries to scan you, as the list would get too long to manage! -----Original Message----- From: Paul Laudenslager [mailto:paul@xxxxxxxxxxxx] Sent: Wednesday, March 16, 2005 14:11 To: [ISAserver.org Discussion List] Subject: [isalist] RE: Port Scans http://www.ISAserver.org Yes, mine is coming from my ISP's (USLEC/Fast.Net) DNS Server as well. It's kicking off as an ISA 2004 Alert... Description: ISA Server detected a port scan attack from Internet Protocol (IP) address 207.8.186.2. A well-known port is any port in the range of 1-2048. I guess since this is "outside" the network, I should have to "block" anything extra. Should I just ignore the error? Thanks! :) Paul L ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: paul@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx