Solved

What does my windows security alert mean?

Posted on 2014-03-03
9
431 Views
Last Modified: 2014-05-11
My University account has been behaving strangely recently with a certain pattern to it, namely that 'important' contacts have been assigned to Junk Mail. This is impossible for me to do without making a deliberate decision and I haven't done this. So it seems likely someone has been able to access my password.
The other day I logged on to my account at the Uni and tried to access a powerpoint file and I got the following message:
"Windows Security Alert: The connection attempt could not be completed."
It then gave the following information:
Radius server: itstrad1.bham.ac.uk
Root CA: AddTrust External CA Root
"The server "itstrad1.bham.ac.uk" is not configured as a valid NPS server to connect to for this profile"
Is this hacking/phishing? And if so, what can I do to discover who is doing it?
0
Comment
Question by:acquisitive
  • 3
  • 2
  • 2
9 Comments
 
LVL 19

Expert Comment

by:Kash
ID: 39900398
first things first. You need to change your login password to a complex one.

if you are still getting issues then you may want to speak to the network admin at Birmingham uni.

NPS : that tells me that you are using DirectAccess of some kind to connect to the resources possibly from your laptop PC. The NPS (network policy server) has a checklist which it has to tick before it can let you logon to the resources.

If your PC (which I assume you are using) has some kind of virus on it or doesn't have certain patches installed on it then NPS server will deny access.

Hope this helps.
0
 

Author Comment

by:acquisitive
ID: 39900427
Kash
my password is complex, very complex, and I have also changed it but the phishing continues.
What is DirectAccess?. I do indeed connect to the system via my laptop and usually remotely, but this time it was in my office.
I have two antivirus programs on my computer, Norton and Superantispyware, so I don't think it's a virus.
please respond.
0
 

Author Comment

by:acquisitive
ID: 39900431
And also, this alert has never appeared before. And how do you explain the access to my email to change mail to Junk? And how do you explain changing my password does not affect the process of junking?
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 
LVL 19

Expert Comment

by:regmigrant
ID: 39900479
If your password is complex, you haven't given it out to anyone and we can assume that the Uni is not compromised then I think its unlikely you have been hacked. A Trojan also seems like a remote possibility given your available security.

If there is a problem with the certificate chain then its possible your profile has been 'blacklisted' (probably not the correct term in this case but you see what I mean) locally and that's why your emails are hitting the junk folder.

There is a root certificate problem for wireless connections so try to connect by a hard line if available and/or refer the following article to the administrators:
http://support.microsoft.com/kb/2518158

Of course all this assumes you are not a high profile target who has annoyed the Russians in which case a directed attack might be possible too.
0
 
LVL 19

Expert Comment

by:Kash
ID: 39900529
if your password is complex then it is not the password.

Direct access is a Microsoft Technology which is configured on the servers by Admins which basically allows you to access your files remotely which is the case.

The reason I said it is DA is because its uses NPS server to perform its tasks.

Have you tried speaking to the IT at uni whether they have recently done some updates or modified some settings etc. I bet that is the case.

It may be they have applied some stronger spam threshold to the emails UNI WIDE which in turn has caused your emails (legit ones) to end up in the junk email folder.
0
 

Author Comment

by:acquisitive
ID: 39915232
Just to clarify: the junking occurs even after I have changed my password. You don't think it is phishing by an outsider who can read my passwords?
0
 
LVL 19

Accepted Solution

by:
regmigrant earned 500 total points
ID: 39917057
No password/encryption system is 100% effective but unless you have reason to believe you are being specifically targeted by someone with high level access to UNI servers (or a government) I would look elsewhere. However changing your password won't change the white/black lists applied by the mailbox scanner that is doing the junking - even if YOU mark them as trusted it may be that their domains have been identified as spam from outside the University -
http://whatismyipaddress.com/blacklist-check

The problem with the powerpoint is more likely a change in policy or certificates as outlined by Kash
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Join & Write a Comment

I didn’t use eM Client for long when I decided to swap to Outlook 2016. The reason for the switch is that it started asking for payment to continue some of its services after one month.   The problems I faced when I didn’t pay were:   I was not …
It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
Viewers will learn the different options available in the Backstage view in Excel 2013.
The view will learn how to download and install SIMTOOLS and FORMLIST into Excel, how to use SIMTOOLS to generate a Monte Carlo simulation of 30 sales calls, and how to calculate the conditional probability based on the results of the Monte Carlo …

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now