ISA Shutdown when filesharing.
- From: "MikeO" <michael_outterside@xxxxxxxxxxx>
- To: isalist@xxxxxxxxxxxxx
- Date: Thu, 9 May 2002 06:49:35 -0600
Hello folks, this is my first posting to the list and I am an ISA newbie,
so be gentle!
My setup:
---------
Home network.
Win2K server and Professional, with SP2 and SRP1.
ISA server with SP1, connected via 512k ADSL modem. ISA rules I have
configured are all outbound to be allowed, all inbound to be denied unless
requested from the ISA server as an outbound request.
Up to date virus signatures that have detected no viruses.
Pest scanner (Pest Patrol 3.1 eval) that has detected no Trojans.
The scenario:
-------------
Among other things I run Morpheus that uses the default port 6346.
Since about 3 weeks ago, *every* time I use morpheus to up\download a
file, my ISA server stops responding and has to be cold booted to recover.
The event viewer shows an 'unexpected shutdown' and little else. I have
seen a few half scan attempts but they do not happen at the same time as
the crashes.
ISA Firewall log shows a list of the IP addresses that have been trying to
make contact. In honesty I'm not up to speed on interpreting these logs
and I've not yet had time to dig deep into ISA. My guess is that the port
I am using is being used to get into the network and either bomb my
machine with some type of DOS attack, or there is a remote control Trojan
somewhere.
None of the machines behind ISA have been affected.
I realise that the filesharing app throws up it's own discussion, but this
is a home network and let's say I'm using the app to share my resume ;)
Has anyone seen this or a similar type of scenario (i.e. with a business
related or more 'reputable' app than Morpheus).
Can you suggest what I should look into or do to protect this, other than
removing Morpheus, which will be the next step.
Many thanks,
Mike.
Other related posts:
- » ISA Shutdown when filesharing.
