Intrusion attempts

• From: "Marc Reyes" <marcreyes@xxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Fri, 5 Dec 2003 09:04:25 +0800

Hi everyone,

I'm sure almost all of you had encountered an ISA Alert like this:

ISA Server detected a well-known port scan attack from Internet Protocol
(IP) address xxx.xxx.xxx.xxx. 
A well-known port is any port in the range of 1-2048. 

.... and many other types of intrusion attempts. Its good that ISA is
doing its job pretty well.(or is he?)
But what else can be done to prevent future and repeated attempts from
attacking your network?
Is there a "proactive" way of doing this? I have been getting ISA Port
Scan Alerts that comes from
the same IP consistently for the past 3 days.

Any help or insight is appreciated.

Thanks in advance.

Marc 

Other related posts:

• » Intrusion attempts
• » RE: Intrusion attempts
• » RE: Intrusion attempts
• » RE: Intrusion attempts
• » Re: Intrusion attempts
• » Re: Intrusion attempts
• » RE: Intrusion attempts

1. Home
2. isalist
3. Archive
4. 12-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---