Home page logo
/

basics logo Security Basics mailing list archives

RE: ISA Server Crash
From: "Jordan, Jason D. \"Dallas\"" <Jason.Jordan () honeywell-tsi com>
Date: Wed, 31 Mar 2004 12:30:59 -0500

Sounds like it possibly could be the Witty worm.  It exploits Black Ice.  Maybe check this link out.  

http://securityresponse.symantec.com/avcenter/venc/data/w32.witty.worm.html


-----Original Message-----
From: William Hays [mailto:wjhays () sbcglobal net]
Sent: Tuesday, March 30, 2004 10:14 PM
To: Focus-MS Security List
Subject: ISA Server Crash


NEED HELP!!!!!!!!!!

Late last week my ISA Server crashed, it's running Windows 2000 Server
with ISA Server 2000 w/all SP's applied.  It also runs Surf Control and
Black Ice.

What makes this so urgent is that upon investigation immediately after
the crash I found that the C:\ partition (active O/S partition) was
somehow or another formatted.  What makes this even stranger is that the
system was up and running when this happened.  I know this because the
mirrored drive also was formatted.

Can anyone please shed some light on how this could have possibly
happened?  My bosses are wanting answers and I don't have any clues.
Can't figure it out, PLEASE HELP!!!!!!!

Thanks,
Bill


---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN, 
wireless security

Protect your network against hackers, viruses, spam and other risks with 
Astaro Security Linux, the comprehensive security solution that combines six 
applications in one software solution for ease of use and lower total cost 
of ownership. 

Download your free trial at 
http://www.securityfocus.com/sponsor/Astaro_focus-ms_040301
---------------------------------------------------------------------------

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]