Re: how come??? FW: ISA Server alert: An intrusion was attempted by an external user.
- From: "Ara Avvali" <ara@xxxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 4 Oct 2004 23:43:18 -0400
Hi
No problem sir. I was just wondering. I agree with you about port scanning
and I really liked the example you gave.
Have a good one
-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: October 4, 2004 11:35 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: how come??? FW: ISA Server alert: An intrusion was
attempted by an external user.
http://www.ISAserver.org
Hi Ara,
I'm sorry. It was a bad joke. We DO NOT scan peoples registries. The
warning you're seeing is probably related to a slow response by the
server. I'd check the log files to see what the nature of the scan is,
but I would not worry about it. In fact, I never worry about port scans
-- it like worry about who might be in the cars that drive in front of
your house, and your house is in front of the San Diego Freeway (US
405).
HTH,
Tom
www.isaserver.org/shinder
Get the book!
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
-----Original Message-----
From: Ara Avvali [mailto:ara@xxxxxxxxxx]
Sent: Monday, October 04, 2004 10:16 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: how come??? FW: ISA Server alert: An intrusion
was attempted by an external user.
http://www.ISAserver.org
Hello
May I ask what do you mean by checking registry? Is it just browser and
operating system check? I guess for not being infected you should secure
the
web server not scanning the client machine
Thank you for reply
-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: October 4, 2004 10:43 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: how come??? FW: ISA Server alert: An intrusion
was
attempted by an external user.
http://www.ISAserver.org
We have to check the registry of all machines that connect to the site.
We don't want the Web server to get infected by unclean visitors :)
Tom
www.isaserver.org/shinder
Get the book!
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Monday, October 04, 2004 7:26 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: how come??? FW: ISA Server alert: An intrusion
was attempted by an external user.
http://www.ISAserver.org
This can happen any time you close your browser before the page is done
rendering.
..or maybe Tom has it in for you..?
:-)
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
On Mon, 4 Oct 2004 18:30:22 -0400
"Ara Avvali" <ara@xxxxxxxxxx> wrote:
http://www.ISAserver.org
How come do I get an intrusion anytime I go to isaserver.org site?
****************
Subject: ISA Server alert: An intrusion was attempted by an external
user.
ISA Server name: HOME-5E911R4X5L
ISA Server detected an all port scan attack from Internet Protocol (IP)
address 69.20.55.133.
*****************
Name: server4.isoftmarketing.com
Address: 69.20.55.133
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
ara@xxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
ara@xxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
