RE: 15108

• From: "Ball, Dan" <DBall@xxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 27 Jul 2005 15:13:06 -0400

Thanks, that's good to know...  

 

________________________________

From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
Sent: Wednesday, July 27, 2005 11:53 AM
To: [ISAserver.org Discussion List]
Subject: RE: [isalist] RE: 15108

 

Sory Dan - that's just not true.

Windows Firewall (p/o XPSP2 & WS03 SP1) does not block ANY outbound
traffic.

What that popup is warning you about is an application that has asked
Winsock to create a listening port.

 

WinFW only blocks incoming traffic.

________________________________

From: Ball, Dan [mailto:DBall@xxxxxxxxxxx]
Sent: Wed 7/27/2005 8:26 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: 15108

http://www.ISAserver.org

That's why I suggested XPSP2.  Any "program" that attempts to access the
network will be blocked until approved.  

 

Not necessarily a solution, but it brings to attention many programs are
"unknowingly" installed on a computer.

 

________________________________

From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Sent: Wednesday, July 27, 2005 7:38 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: 15108

 

http://www.ISAserver.org

Hi Dan,

 

I commonly see spoof errors from VPN clients too. Not consistent, seems
random. Since everything works, I don't worry about it too much.

 

Tom
www.isaserver.org/shinder <http://www.isaserver.org/shinder> 
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> 
MVP -- ISA Firewalls

 

         

        
        
________________________________


        From: Ball, Dan [mailto:DBall@xxxxxxxxxxx] 
        Sent: Wednesday, July 27, 2005 6:11 AM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] RE: 15108

        http://www.ISAserver.org

        What is the VPN client running for an OS?  If it's XP, put SP2
on it, the firewall won't let any program talk to the network without
prompting you.

         

        
        
________________________________


        From: Richard Morris [mailto:richard@xxxxxxxxxxxxxxxxx] 
        Sent: Tuesday, July 26, 2005 4:16 PM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] RE: 15108

         

        http://www.ISAserver.org

        The odd thing is that it's from the VPN client, sometimes it
comes from DC too. Also though maybe Spyware and they're all clean. 

         

        
        
________________________________


        From: Ball, Dan [mailto:DBall@xxxxxxxxxxx] 
        Sent: 26 July 2005 09:42 PM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] RE: 15108

         

        http://www.ISAserver.org

        I get that sometimes from my internal DNS server; but mostly it
is from spyware-infested workstations.

         

        
        
________________________________


        From: Richard Morris [mailto:richard@xxxxxxxxxxxxxxxxx] 
        Sent: Tuesday, July 26, 2005 3:25 PM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] 15108

         

        http://www.ISAserver.org

        Hello.

         

        I'm intermittently receiving a spoof attack warning from an IP
that is on the internal LAN or from a VPN client, have done some reading
but none of the criteria match. Anyone seen this scenario before?

         

        Ta. 

        ------------------------------------------------------
        List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
        ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
        ------------------------------------------------------
        Visit TechGenix.com for more information about our other sites:
        http://www.techgenix.com
        ------------------------------------------------------
        You are currently subscribed to this ISAserver.org Discussion
List as: tshinder@xxxxxxxxxxxxxxxxxx
        To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        Report abuse to listadmin@xxxxxxxxxxxxx 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
dball@xxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

Other related posts:

• » 15108
• » RE: 15108
• » RE: 15108
• » RE: 15108
• » RE: 15108
• » RE: 15108
• » RE: 15108
• » RE: 15108
• » RE: 15108

1. Home
2. isalist
3. Archive
4. 07-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---