How many users you got? Yank the plug on your switch and start singling out the infections. ----- Robert Bosch Corporation Technical Systems Analyst (RBNA/CSA1) Corporate Sales Reporting Systems 38000 Hills Tech Drive - Farmington Hills, MI 48331 - USA phone: 1 (248) 553-1164 fax: 1 (248) 848-6969 shawn.quillman@xxxxxxxxxxxx http://www.bosch.us -----Original Message----- From: Scott [mailto:scott.clarke@xxxxxxxxxxxx] Sent: Thursday, May 05, 2005 12:52 PM To: [ISAserver.org Discussion List] Subject: [isalist] Being Attacked...HELPED http://www.ISAserver.org I am seeing a lot of Trinoo, HTTP, and HTTP Cross Site scripting attacks. Both Trinoo and HTTP are coming from internal user machines and Cross site coming from 0.0.0.0 This only started happening recently...HELP!!! ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: shawn.quillman@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx