RE: Test for Internet Link availability
- From: "William Robertson" <robertson.william@xxxxxxxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 23 Sep 2003 07:03:55 +0200
Hi John
I do appreciate your comments on all matters concerned. I would however like
to defend myself a little if you don't mind.
A while ago I posted a question to the "Would AV plugin stop VPN
infections?" thread asking people's comments on best antivirus programs,
experiences, strategies etc. The reason I asked is because it is my
experience that FSecure AntiVirus is always "behind the times", and virii
such as Nimda, CIH, Melissa and now lately Blaster, Nachi & Welchia do not
appear to be blocked by FSecure as soon as they are made public knowledge.
This obviously hampers my removal strategy as I then have to go and download
removal tools from other websites, or even better, write my own code in my
Login Script to hunt down and kill the infections.
With the information presented to you in my last thread I can understand
your comment about me not belonging on this list, but for brevity's sake I
did not wish to bore everybody with all my troubles & woes. Instead I try to
get to the point quickly so that whomsoever wishes to listen and comment
constructively may do so.
As it remains, I am responsible for 1500 workstations and 40 Windows 2000
servers. Budgets are not always that lenient when it comes to spending on
technology to improve existing strategies or embark on new ones, so to quote
one of the great American Presidents: "I do what I can, where I am, with
what I have"
Thanks
William R.
-----Original Message-----
From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
Sent: 22 September 2003 18:57 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Test for Internet Link availability
http://www.ISAserver.org
Instead of trying to find a work around, fix the problem.
If you link is saturated with outbound requests for the RPC patch, you need
to fix your network. Get AV software and clean the computers now. BTW, if
this is the case, you are fortunate your ISP has not locked you out.
If your link is saturated with inbound pings, block them at the router or
request your ISP to do so.
If your link is saturated with outbound pings, you have no business on this
list. You need to learn some basic networking principles, like virus
protection.
John Tolmachoff MCSE CSSA
Engineer/Consultant
eServices For You
www.eservicesforyou.com
-----Original Message-----
From: William Robertson [mailto:robertson.william@xxxxxxxxxxxxxx]
Sent: Monday, September 22, 2003 2:30 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Test for Internet Link availability
http://www.ISAserver.org
Hi there
With the impact of the Welchia worm I find that I am experiencing a fair
amount of hassle regarding the availability of my Internet Link. The primary
reason being that all the outbound requests for the RPC patch from the
WUpdate site and the ICMP echoes are just bringing down my link.
What I find then happens is that my DNS goes for a ball of chalk - on both
my DNS Servers. I then have to restart the DNS Services on my 2 DC's and
then they work just fine again - for a while.
What I was wondering if anyone knew how to perform some sort of "result
check" for the NSLOOKUP command? I can schedule a job to continuously
perform an NSLOOKUP every 30 minutes or so, but I need to catch the
exception when the NSLOOKUP fails so that I know when to restart the DNS.
Does anyone have any advice for me on this? (Apart from removing the
infection. Which I am currently busy with :-) ) The thing is, even without
the Welchia worm, my DNS also has a little wobble about once a week anyway,
so writing such a "DNS Test" script could prove worth my while.
Cheers
William R.
_____
William Robertson
AST Mpumalanga
Systems House / Consultant: Software
Tel: 013-2472703 / 083 638 0354
Fax: 013-2462236
---------------------------------------------------------------------
Everything in this e-mail and attachments relating to the official
business of Columbus Stainless is proprietary to the company. It is
confidential, legally privileged and protected by law. Columbus
Stainless does not own and endorse any other content. Views and
opinions are those of the sender unless clearly stated as being that
of Columbus Stainless. The person addressed in the e-mail is the sole
authorised recipient. Please notify the sender immediately if it has
unintentionally reached you and do not read, disclose or use the
content in any way. Whilst all reasonable steps are taken to ensure
the accuracy and integrity of information and data transmitted
electronically and to preserve the confidentiality thereof, no
liability or responsibility whatsoever is accepted if information or
data is,for whatever reason, corrupted or does not reach its intended
destination.
---------------------------------------------------------------------
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
johnlist@xxxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
robertson.william@xxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
---------------------------------------------------------------------
Everything in this e-mail and attachments relating to the official
business of Columbus Stainless is proprietary to the company. It is
confidential, legally privileged and protected by law. Columbus
Stainless does not own and endorse any other content. Views and
opinions are those of the sender unless clearly stated as being that
of Columbus Stainless. The person addressed in the e-mail is the sole
authorised recipient. Please notify the sender immediately if it has
unintentionally reached you and do not read, disclose or use the
content in any way. Whilst all reasonable steps are taken to ensure
the accuracy and integrity of information and data transmitted
electronically and to preserve the confidentiality thereof, no
liability or responsibility whatsoever is accepted if information or
data is,for whatever reason, corrupted or does not reach its intended
destination.
---------------------------------------------------------------------
Other related posts:
