Re: Spyware Issue(s)

• From: "Greg Hess" <gmh@xxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 14 Sep 2004 09:29:32 -0400

So far it seems to be either

1. DSO exploit
Or
2. fake google toolbar (spyware edition)

But there may be others that the techs are seeing that I don't.

Btw - I've also added a link to the 'real' google toolbar on our
intranet page.

G.

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Sent: Tuesday, September 14, 2004 9:16 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Spyware Issue(s)


http://www.ISAserver.org

Hi Greg,

I bet this is a red herring, but it would be interesting to determine
what the actual cause of this observed behavior is.

Tom 

-----Original Message-----
From: Greg Hess [mailto:gmh@xxxxxxxx] 
Sent: Monday, September 13, 2004 2:02 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Spyware Issue(s)

http://www.ISAserver.org

No, its just that, on machines that have had spyware, our older firewall
seemed to still have no problem with their connectivity, but on ISA they
will get a 'page not found' or 'dns' error until the spyware is cleaned
up, I just wondered if anyone had any additional insight into this. G.

-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Monday, September 13, 2004 3:00 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Spyware Issue(s)


http://www.ISAserver.org

Are you suggesting that your ISA is blocking requests just because the
client has spyware on it? If so, that sounds like you've defined some
pretty creative policies...

  Jim Harrison
  MCP(NT4, W2K), A+, Network+, PCG
  http://isaserver.org/Jim_Harrison/
  http://isatools.org
  Read the help / books / articles!

----- Original Message ----- 
From: "Greg Hess" <gmh@xxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Monday, September 13, 2004 10:56
Subject: [isalist] Spyware Issue(s)


http://www.ISAserver.org

Hey, we are transitioning a part of my company off of an old Checkpoint
firewall and onto ISA. As we do this, spyware seems to cause many more
problems with the people using ISA. Not in terms of getting it, but
those who have it often have it stop them from browsing the Internet
until we can get it cleaned off. Is there anything I can do to make ISA
'forgiving' enough so that this won't cause such a headache? Any advice
is appreciated.

Tx.
Greg.

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com No.1 Exchange
Server Resource Site: http://www.msexchange.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com No.1 Exchange
Server Resource Site: http://www.msexchange.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gmh@xxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com No.1 Exchange
Server Resource Site: http://www.msexchange.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com No.1 Exchange
Server Resource Site: http://www.msexchange.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gmh@xxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

• » Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » RE: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » RE: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » RE: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » RE: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)
• » Re: Spyware Issue(s)

1. Home
2. isalist
3. Archive
4. 09-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---