RE: Suspected Hack

• From: "Clarke, Scott" <Scott.Clarke@xxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Thu, 5 May 2005 13:18:08 -0230

Just found that a PC in the department may have the smokodoor virus.

Thanks,

Scott

-----Original Message-----
From: Steve Moffat [mailto:steve@xxxxxxxxxx]
Sent: Thursday, May 05, 2005 1:09 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Suspected Hack


http://www.ISAserver.org

 Happens all the time, although it should definitely not be getting
through your ISA server.

Check all your pc's for trojans, and check that the ISA Server is
configured correctly.

The likelihood tho', is that it's coming from an internal machine.

S

-----Original Message-----
From: Scott [mailto:scott.clarke@xxxxxxxxxxxx] 
Sent: Thursday, May 05, 2005 12:32 PM
To: ISA Mailing List
Subject: [isalist] Suspected Hack

http://www.ISAserver.org

Hi all,

Our internal systems are behind an ISA 2000 server.  My PC runs BlackICE
software.  I have noticed a TCP and UDP port scan from 11.0.0.98.  Is it
normal to see this type of attack to my internal machine?

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
isalist@xxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

The correct technical term for haggis stalking is "havering". 


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
scott.clarke@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

• » Suspected Hack
• » RE: Suspected Hack
• » RE: Suspected Hack

1. Home
2. isalist
3. Archive
4. 05-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---