Re: Remote system attempting to access LSA Shell ??

From:
Date: 07/28/02 

Date: Sun, 28 Jul 2002 01:43:23 +0200

IPSEC / LSA
is an attempt to connect securely with IPSEC
connection. If you insist on using secure connections
the system will connect through LSAshell on port 500
to the ISP proxies. This will fail due to the fact
that ISP proxies do not support secure connections.

Incomming secure connections i never had, and if there where any i changed
the connection to secure (testing
this methode etc..) So, normaly no secure connection
should be inbound.

My flag data is not sufficient to provide accurate responds
on whether secure inbounds are possible or not.
I never had them without changing the options
(windows 2000, properties network/ properties TCPIP / advanced / options /
ip security / properties
(choosing higher then Client (respond only) will effect that
LSA will look for secure connections anywhere it has to connect. This will
fail and eventually all connections will
drop.

I have LSA blocked on P/500

"greg" <greg@NOSPAM.com> wrote in message
news:3hB09.4230$SA3.176822@wards...
> What is the LSA Shell (export version). I keep being told by Norton
Personal
> Firewall that a remote sytem is attempting to access it but I don't know
> whether to allow or block it.
>
> The following information may be helpful:
>
>
> Application: C:\WINDOWS\System32\lsass.exe
> Protocol: UDP (Inbound)
> Remote Address: 204.251.216.70 : isakmp (500)
> Local Address: 0.0.0.0 : isakmp (500)
>
>
> Thanks in advance.
> greg.
>
>