Hi Joseph Seeing as you're now protected from all sorts of evil, I'm sure your SQL Import Scripts are getting some seriously undivided attention... :) William -----Original Message----- From: cismic [mailto:cismic@xxxxxxx] Sent: 22 August 2003 08:37 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: port scan detected http://www.ISAserver.org Hi Thomas, I'm a beleiver in piracetam. Does wonders for my concentration! And with the right/wrong music combination I can get all the psychtronic stimulation I need! Now just to continue waring my tin hat! Joseph -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Sent: Thursday, August 21, 2003 4:37 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: port scan detected http://www.ISAserver.org Sorry, that's psychtronic. Psychotropic is an entirely different matter ;-) Thomas W Shinder www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: Thomas W Shinder Sent: Thursday, August 21, 2003 6:34 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: port scan detected http://www.ISAserver.org Hi Joseph, If I had that much tinfoil I would never have to worry about psychotropic manipulation again! http://c2.com/cgi/wiki?TinFoilHat HTH, Tom Thomas W Shinder www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: cismic [mailto:cismic@xxxxxxx] Sent: Wednesday, August 20, 2003 2:12 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: port scan detected http://www.ISAserver.org If I only had a package of foil every time someone said that! -----Original Message----- From: Mark Hopkins [mailto:Mark.Hopkins@xxxxxxxxxxxxxxxxxxxxx] Sent: Wednesday, August 20, 2003 8:26 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: port scan detected http://www.ISAserver.org Tom, Interesting thing happened today. After creating a packet filter to block an IP, two days ago, he port scanned me again this morning. Can you explain this? Thanks. Mark _____ From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Sent: Tuesday, August 19, 2003 4:02 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: port scan detected http://www.ISAserver.org Hi Mark, Sure. Human eyes must evaluate the nature of the attack, and human eyes must evaluate the source location. For example, if the "attack" if some a DNS timeout issue with your DNS server, do you want to block that? Another example, if the "attack" is from another admin testing his "skills" from home, do you want to block that? Another example, the IDS is misconfigured, do you want to block what it says? Another example, a legit host is infected and cleaned. Now that host is blocked. Do you want to block that and then deal with connectivity issues when you forgot about your blocking filters or try to fish out the blocked host address from the thousands you your list? Harden your hosts, use Application and Web filters, never publish a Web site using an IP address, all the basic stuff. That's a lot more effective than blocking addresses willy nilly. YMMV, Tom Thomas W Shinder www.isaserver.org/shinder <http://www.isaserver.org/shinder> ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp <http://tinyurl.com/1llp> -----Original Message----- From: Mark Hopkins [mailto:Mark.Hopkins@xxxxxxxxxxxxxxxxxxxxx] Sent: Tuesday, August 19, 2003 2:13 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: port scan detected http://www.ISAserver.org Tom, Could you elaborate on this "intelligent address blocking"? Thanks. Mark _____ From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Sent: Tuesday, August 19, 2003 1:59 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: port scan detected http://www.ISAserver.org Ni Brian, Nor should you. Blocking addresses that scan you is like shooting at cars that drive past your home and look at your windows and front door. :-) Be aware of the attempt, but you'll end up making a critical error sooner or later if you block addresses without putting some intelligence behind the block. HTH, Tom Thomas W Shinder www.isaserver.org/shinder <http://www.isaserver.org/shinder> ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: mark.hopkins@xxxxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: cismic@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: cismic@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: robertson.william@xxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') --------------------------------------------------------------------- Everything in this e-mail and attachments relating to the official business of Columbus Stainless is proprietary to the company. It is confidential, legally privileged and protected by law. Columbus Stainless does not own and endorse any other content. Views and opinions are those of the sender unless clearly stated as being that of Columbus Stainless. The person addressed in the e-mail is the sole authorised recipient. Please notify the sender immediately if it has unintentionally reached you and do not read, disclose or use the content in any way. Whilst all reasonable steps are taken to ensure the accuracy and integrity of information and data transmitted electronically and to preserve the confidentiality thereof, no liability or responsibility whatsoever is accepted if information or data is,for whatever reason, corrupted or does not reach its intended destination. ---------------------------------------------------------------------