ayazhoda
asked on
ISA Server detected an all port scan attack from Internet Protocol (IP) address
Hi All
I am having this error in event viewer
Event Type: Warning
Event Source: Microsoft Firewall
Event Category: Packet filter
Event ID: 15105
Date: 14/11/2007
Time: 07:48:50
User: N/A
Computer: TS4
Description:
ISA Server detected an all port scan attack from Internet Protocol (IP) address 216.250.24.64.
IP address mentioned is Symantec IP address which uses brightmail feature to communicate with server
My question is how can i set rule in ISA server for this IP address not to mark as port scan attack, In addition I don't want to disable port scan feature in ISA
Thanks
I am having this error in event viewer
Event Type: Warning
Event Source: Microsoft Firewall
Event Category: Packet filter
Event ID: 15105
Date: 14/11/2007
Time: 07:48:50
User: N/A
Computer: TS4
Description:
ISA Server detected an all port scan attack from Internet Protocol (IP) address 216.250.24.64.
IP address mentioned is Symantec IP address which uses brightmail feature to communicate with server
My question is how can i set rule in ISA server for this IP address not to mark as port scan attack, In addition I don't want to disable port scan feature in ISA
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Computer101
EE Admin