Re: hacker attempts?
- From: "Roger Abell [MVP]" <mvpNoSpam@xxxxxxx>
- Date: Wed, 13 Jun 2007 22:34:47 -0700
It is pretty hard to go from "something at this IP is sending packets to me"
to saying "I am getting hack attempts from this IP". Without the ability to
establish that going to the second is clearly valid, there is nothing one
can do, and even with it whether anything can be done usually depends
on the good will of those with the network where that IP lives.
You might want to search the MS website for the guidance on
using IPsec for "domain isolation".
Roger
"will~" <will@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:46FA62EA-D0C5-40F4-9B46-10EE523BC190@xxxxxxxxxxxxxxxx
Windows 2003 Server R2 standard edition with SP2, sitting behind SonicWall
firewall.
Recently, there are a lot of Alerts from SonicWall. Such as "IPSec
Authentication Failed" and "IPSEC Replay Detected" and some "Sub Seven
Attack
Dropped"
It appears that the source IP address causing the IPSec Authentication
Failed messgae is from the same source IP address. I do not recognise
this
IP address and upon checking the internet it seems to be originated from
another town.
The fact that these are logged in sonicwall shows these have been
detected.
However, please advice if these IP addresses can be blocked from within
windows server, so that in the event that they have gone past the firewall
they could not establish communication with the server?
If these are hacking attempts are there any authority that we can report
to?
Many thanks for your assistance.
.
- Prev by Date: Re: Strange effect with inheritence flags on Windows XP and NT 4
- Next by Date: Re: Strange effect with inheritence flags on Windows XP and NT 4
- Previous by thread: Strange effect with inheritence flags on Windows XP and NT 4
- Next by thread: scheduled task
- Index(es):
Relevant Pages
|
