See this link for more information: http://www.claws-and-paws.com/virus/articles/fdisk.shtml Again, this option should only be used if you know precisely what you are doing! -----Original Message----- From: Simon Weaver [mailto:Simon.Weaver@xxxxxxxx] Sent: Monday, January 13, 2003 11:50 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA Alert Intrusion http://www.ISAserver.org Thanks Ed Well I am not too sure either - again how PC anywhere caused this! I think I might just rebuild it - is there anything documented on this /mbr fix? Simon Weaver Technical Consultant MCSE+Internet / MCSE Windows 2000 Integrated Solutions Corp. Ltd http://www.iscl.net -----Original Message----- From: Edward Sullivan [mailto:esullivan@xxxxxxx] Sent: 13 January 2003 17:45 To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA Alert Intrusion http://www.ISAserver.org This is not a suggestion you try this, but an undocumented feature of FDISK is the "/MBR" switch. Specifying this switch at the end of the command will rebuild your master boot record. If your master boot record has become corrupted or altered by another program, this often will correct the problem. Again, I am not suggesting you try this, and am not sure it will fix the problem you are having, only sharing this information in case it should prove helpful to you. -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Sent: Monday, January 13, 2003 11:38 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA Alert Intrusion http://www.ISAserver.org Hi Simon, The only fix I know of is the FDISK rebuild. There should be a way to do this without FDISK, but the exact problem hasn't been described on how it whacks the console, so its hard to figure out the fix. Tom www.isaserver.org/shinder -----Original Message----- From: Simon Weaver [mailto:Simon.Weaver@xxxxxxxx] Sent: Monday, January 13, 2003 11:32 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA Alert Intrusion http://www.ISAserver.org Steve PC anywhere was installed soem time ago! I never realised this would cause problems!!! Would an uninstall not fix this? Simon Weaver Technical Consultant MCSE+Internet / MCSE Windows 2000 Integrated Solutions Corp. Ltd http://www.iscl.net -----Original Message----- From: Steve Moffat [mailto:steve@xxxxxxxxxxxxxxx] Sent: 13 January 2003 17:24 To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA Alert Intrusion http://www.ISAserver.org Has pcAnywhere been installed on the server, if so, you will have to rebuild the server as the pcAnywhere install really messes up the gina and authentication for the alerts. Steve ________________________________ From: Simon Weaver [mailto:Simon.Weaver@xxxxxxxx] Sent: Mon 13/01/2003 09:05 AM To: Isa List Subject: [isalist] ISA Alert Intrusion http://www.ISAserver.org Hello Everyone Got a few questions about ISA 2000 for SBS2000. I have enabled Intrusion Detection and sent alerts to my Email address. I receive the alerts, but I cannot seem to find what or who was trying to contact me. When I goto the "Monitoring" Folder and choose Alerts I get a Big Messge "Refresh Failed" with a Big circle and a white X! The message says "You do not have the necessary permissions to perform this operation". I click on CONTINUE, but all I see are the tabs at the bottom of the window (Services, Help, sessions, up, ect!). If I view on the REORTS Folder, it only shows OLD reports for December 2002 - nothing since the 19th Dec 02. Any ideas? Thanks Simon Weaver Technical Consultant MCSE+Internet / MCSE Windows 2000 Integrated Solutions Corp. Ltd http://www.iscl.net <http://www.iscl.net/> ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: steve@xxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') This E-Mail is confidential. It is not intended to be read, copied, disclosed or used by any person other than isalist@xxxxxxxxxxxxxx Unauthorised use, disclosure, or copying is strictly prohibited and may be unlawful. Optimum Computer Solutions disclaims any liability for any action taken in connection of this E-Mail. The comments or statements expressed in this E-Mail are not necessarily those of Optimum Computer Solutions or its subsidiaries or affiliates. usermanager@xxxxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: Simon.Weaver@xxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: esullivan@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: Simon.Weaver@xxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: esullivan@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')