Your IP...log will have an entry that corresponds to the time (in GMT) that this event was logged. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/authors/harrison/ Read the books! ----- Original Message ----- From: "Gunawan" <administrator@xxxxxxxxxxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Saturday, February 16, 2002 00:28 Subject: [isalist] Fw: ISA Server alert: An intrusion was attempted by an external user. http://www.ISAserver.org What should I do if receive this message: ISA Server name: FIREWALL ISA Server detected an all port scan attack from Internet Protocol (IP) address xxx.x.xxx.xx. For more information about this event, see ISA Server Help. _____ This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. _____ ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')