Intrusion Detected from DC IP (Full Version)

All Forums >> [ISA Server 2004 Misc.] >> ISA Server 2004 Events

Message

---

iceboy -> Intrusion Detected from DC IP (23.May2008 2:57:05 AM) Hello  I  am  recieving port  scan  alert  from  Domain  Controller  . " ISA Server detected an all port scan attack from Internet Protocol (IP) address 192.168.0.2 " How can  solve ths  problem   ? Thanks

---

tshinder -> RE: Intrusion Detected from DC IP (27.May2008 8:48:34 AM) Take a look at the ISA firewall's log files and try to identify the traffic. HTH, Tom

---

HePa -> RE: Intrusion Detected from DC IP (2.Jun.2008 2:19:05 PM) I would also recomend you to take a look at the domain controller sending all the alerts! Look through the event viewer and run a scan with your AV, maby it find something that you don't.If your DC has been attacked, hacked etc. it's not funny ay all so take a look at it as soon as possible. Remember that all the password hashes are stored at your domain controller, and if someone gets those they can do what ever they want in your domian. Perhaps this anit a intrusion.

---

Page: [1]