Hi Steve, Just finished downloading the script and about to install. Thanks for the tip! ...little sh**s? ....u mean those nasty fu**s! Marc -----Original Message----- From: Steve Moffat [mailto:steve@xxxxxxxxxxxxxxxxxxxxxxxxxx] Sent: Friday, December 05, 2003 9:15 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Intrusion attempts http://www.ISAserver.org Oops....did I say buggers...sorry....i meant little sh**s S -----Original Message----- From: Steve Moffat [mailto:steve@xxxxxxxxxxxxxxxxxxxxxxxxxx] Sent: Thursday, December 04, 2003 9:13 PM To: Isa Weblist Subject: [isalist] RE: Intrusion attempts http://www.ISAserver.org Download the block attacker script from Jimbo's site.....www.isatools.org...that'll sort the buggers out. Steve -----Original Message----- From: Marc Reyes [mailto:marcreyes@xxxxxxxxxxxxxxx] Sent: Thursday, December 04, 2003 9:04 PM To: Isa Weblist Subject: [isalist] Intrusion attempts http://www.ISAserver.org Hi everyone, I'm sure almost all of you had encountered an ISA Alert like this: ISA Server detected a well-known port scan attack from Internet Protocol (IP) address xxx.xxx.xxx.xxx. A well-known port is any port in the range of 1-2048. .... and many other types of intrusion attempts. Its good that ISA is doing its job pretty well.(or is he?) But what else can be done to prevent future and repeated attempts from attacking your network? Is there a "proactive" way of doing this? I have been getting ISA Port Scan Alerts that comes from the same IP consistently for the past 3 days. Any help or insight is appreciated. Thanks in advance. Marc ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: steve@xxxxxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') This E-Mail is confidential. It is not intended to be read, copied, disclosed or used by any person other than the recipient named above. Unauthorised use, disclosure, or copying is strictly prohibited and may be unlawful. Optimum IT Solutions disclaims any liability for any action taken in connection of this E-Mail. The comments or statements expressed in this E-Mail are not necessarily those of Optimum IT Solutions or its subsidiaries or affiliates. administrator@xxxxxxxxxxxxxxxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: steve@xxxxxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: marcreyes@xxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')