RE: ISA Server Crash
From: Alex Lewis (alex.lewis_at_Remedy.COM)
Date: 03/31/04
- Previous message: RODDY, Dan: "RE: ISA Server Crash"
- Maybe in reply to: William Hays: "ISA Server Crash"
- Next in thread: Jim Harrison (ISA): "RE: ISA Server Crash"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'William Hays'" <wjhays@sbcglobal.net>, "'focus-ms@securityfocus.com'" <focus-ms@securityfocus.com> Date: Wed, 31 Mar 2004 09:36:44 -0800
Well, there has been a pretty serious (and well publicized) vulnerability
in Black Ice, and other ISS products.
http://www.kb.cert.org/vuls/id/947254 It's certainly possible the code could
have corrupted/erased your OS partition. More than likely you were hit by
the Witty worm... More info here: http://www.lurhq.com/witty.html
Feel free to reply offlist if you need more information.
Alex Lewis
Sr. Systems Administrator
BMC Information Security
Remedy, a BMC Software company
alewis@remedy.com
http://www.remedy.com
Desk 408.571.7304
Cell 408.687.9067
There are only 10 types of people in this world:
Those who understand binary and those who don't.
-----Original Message-----
From: William Hays [mailto:wjhays@sbcglobal.net]
Sent: Tuesday, March 30, 2004 8:14 PM
To: Focus-MS Security List
Subject: ISA Server Crash
NEED HELP!!!!!!!!!!
Late last week my ISA Server crashed, it's running Windows 2000 Server with
ISA Server 2000 w/all SP's applied. It also runs Surf Control and Black
Ice.
What makes this so urgent is that upon investigation immediately after the
crash I found that the C:\ partition (active O/S partition) was somehow or
another formatted. What makes this even stranger is that the system was up
and running when this happened. I know this because the mirrored drive also
was formatted.
Can anyone please shed some light on how this could have possibly happened?
My bosses are wanting answers and I don't have any clues.
Can't figure it out, PLEASE HELP!!!!!!!
Thanks,
Bill
---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security
Protect your network against hackers, viruses, spam and other risks with
Astaro Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost
of ownership.
Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_focus-ms_040301
---------------------------------------------------------------------------
---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security
Protect your network against hackers, viruses, spam and other risks with
Astaro Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost
of ownership.
Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_focus-ms_040301
---------------------------------------------------------------------------
- Previous message: RODDY, Dan: "RE: ISA Server Crash"
- Maybe in reply to: William Hays: "ISA Server Crash"
- Next in thread: Jim Harrison (ISA): "RE: ISA Server Crash"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
