Re: Internet slowdown. Is ISA being spoofed...
- From: Jim Behning SBS MVP <jimbehning@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 18 Jun 2008 08:24:34 -0400
Another thing you can do in addition to Terrance's suggestions is to
use opendns.com as your dns forwarders. You can block genuinely
unnecessary web sites to reduce goofing off. You can easily block
porn, streaming and other not work related stuff. If the users are
able to do their jobs with certain sites locked it could just be to
much Internet radio and youtube going on. Opendns can block that stuff
quickly. This is just an idea that people sometimes forget about.
Streaming can really reduce productivity. I suggest radios, cd players
and Zunes if people get bored just doing their job. Streaming just
annoys me when the same site complains about resaerch speed.
On Tue, 17 Jun 2008 06:00:03 -0700, ck <ck@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote:
Thanks Jim, false positives... Shall give it a read.See what SBS support is working on
What concerning me more is the slow down the network is getting to the
external (internet). Plus the rapidshare thing has got my head scratching as
if it's being poxy spoofed it's slow everything down so how do I detect and
stop it!!
"Jim Behning SBS MVP" wrote:
There is an article by JimH about the port scan is a 99.99xx% false
report. What happens is connection shutdown in a way that confuses ISA
and ISA give a false port scan report. Forget my summary and read his
article.
http://technet.microsoft.com/en-us/library/cc512655.aspx
On Tue, 17 Jun 2008 03:40:02 -0700, ck <ck@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote:
SBS2003 R2 PremiumSee what SBS support is working on
ISA2004 SP3
BT2700 router
I've a bit confused on this, been getting some Internet slowdown. :(
However, I just so happened to be on rapidshare.com to downloading a file
and noticed it keep stating that either the connection had exceeded it limit
or IP was currently downloading a file.
Except the IP address it gave me is one that appears in the routers Primary
Domain Name Server 194.xx.x.xx!!
Is there something open on ISA configuration or miss configured on my router
to be allowing this.
If I check rapidshare.com again when the IP address appears or before it
appears would running ISA logging show what
Under my alerts in ISA2004 I'm seeing 'ISA Server detected al all port scan
attack from IP: 66.102.1.103, 64.233.169.99 and connection exceeded for one
of my machines. If I run ISA's loggin would should I look out for?
How is this IP address being spoofed there isn't much I have changed from
ISA configuration on IC wizard.
Any troubleshooting help is appreciated. :)
http://blogs.technet.com/sbs/default.aspx
Check your SBS with the SBS Best Practices Analyzer
http://blogs.technet.com/sbs/archive/tags/BPA/default.aspx
http://blogs.technet.com/sbs/default.aspx
Check your SBS with the SBS Best Practices Analyzer
http://blogs.technet.com/sbs/archive/tags/BPA/default.aspx
.
- References:
- Re: Internet slowdown. Is ISA being spoofed...
- From: Jim Behning SBS MVP
- Re: Internet slowdown. Is ISA being spoofed...
- From: ck
- Re: Internet slowdown. Is ISA being spoofed...
- Prev by Date: Re: There is a problem with this website's security certificate.
- Next by Date: VPN Problem
- Previous by thread: Re: Internet slowdown. Is ISA being spoofed...
- Next by thread: RE: Configuring Exchange
- Index(es):
Relevant Pages
|
Loading
