We had a period where we were getting scanned and our ISP called the people in China and told them to stop..... LOL Its all depends the security you have set up on that server... -----Original Message----- From: Rogers, Brian [mailto:RogersB@xxxxxxxxxxxxxx] Sent: Tuesday, August 19, 2003 12:37 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: port scan detected http://www.ISAserver.org I do that for some of the attacks (ones that last for long periods of time..or scan over and over). I configured my alert to only send me an email if the event happens 25 times....I don't have time to deal with every little kiddie who got a copy of ogre or whatever else. It was just odd to see the ISA server report a scan on itself. -----Original Message----- From: Adam Baggett [mailto:abaggett@xxxxxxxxxxxx] Sent: Tuesday, August 19, 2003 12:34 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: port scan detected http://www.ISAserver.org Contact the company and tell them that some one is illegally scanning your network, give them the IP's and tell them to stop. (in the nicest way)..... -----Original Message----- From: Dan Gabbard [mailto:intellihome@xxxxxxxxxxx] Sent: Tuesday, August 19, 2003 11:31 AM To: [ISAserver.org Discussion List] Subject: [isalist] port scan detected http://www.ISAserver.org I have been getting scanned from several IP addresses that belong to C2 Media Ltd for the last three or four days. It doesn't seem to be causing any problems but I'm curious to know what others do when they are being scanned by the same address block. The address range is from 66.220.17.46 to 66.220.17.55. I searched for info on C2 Media Ltd and they are a pay-per-click ad service that seems to be despised by everyone that has come across them. This tells me writing them to complain would be a waste of time. Any suggestions on how to handle this would be great. Or should I just not worry about it? Thanks, Dan ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: abaggett@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: rogersb@xxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: abaggett@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')