acquisitive
asked on
What does my windows security alert mean?
My University account has been behaving strangely recently with a certain pattern to it, namely that 'important' contacts have been assigned to Junk Mail. This is impossible for me to do without making a deliberate decision and I haven't done this. So it seems likely someone has been able to access my password.
The other day I logged on to my account at the Uni and tried to access a powerpoint file and I got the following message:
"Windows Security Alert: The connection attempt could not be completed."
It then gave the following information:
Radius server: itstrad1.bham.ac.uk
Root CA: AddTrust External CA Root
"The server "itstrad1.bham.ac.uk" is not configured as a valid NPS server to connect to for this profile"
Is this hacking/phishing? And if so, what can I do to discover who is doing it?
The other day I logged on to my account at the Uni and tried to access a powerpoint file and I got the following message:
"Windows Security Alert: The connection attempt could not be completed."
It then gave the following information:
Radius server: itstrad1.bham.ac.uk
Root CA: AddTrust External CA Root
"The server "itstrad1.bham.ac.uk" is not configured as a valid NPS server to connect to for this profile"
Is this hacking/phishing? And if so, what can I do to discover who is doing it?
ASKER
Kash
my password is complex, very complex, and I have also changed it but the phishing continues.
What is DirectAccess?. I do indeed connect to the system via my laptop and usually remotely, but this time it was in my office.
I have two antivirus programs on my computer, Norton and Superantispyware, so I don't think it's a virus.
please respond.
my password is complex, very complex, and I have also changed it but the phishing continues.
What is DirectAccess?. I do indeed connect to the system via my laptop and usually remotely, but this time it was in my office.
I have two antivirus programs on my computer, Norton and Superantispyware, so I don't think it's a virus.
please respond.
ASKER
And also, this alert has never appeared before. And how do you explain the access to my email to change mail to Junk? And how do you explain changing my password does not affect the process of junking?
If your password is complex, you haven't given it out to anyone and we can assume that the Uni is not compromised then I think its unlikely you have been hacked. A Trojan also seems like a remote possibility given your available security.
If there is a problem with the certificate chain then its possible your profile has been 'blacklisted' (probably not the correct term in this case but you see what I mean) locally and that's why your emails are hitting the junk folder.
There is a root certificate problem for wireless connections so try to connect by a hard line if available and/or refer the following article to the administrators:
http://support.microsoft.com/kb/2518158
Of course all this assumes you are not a high profile target who has annoyed the Russians in which case a directed attack might be possible too.
If there is a problem with the certificate chain then its possible your profile has been 'blacklisted' (probably not the correct term in this case but you see what I mean) locally and that's why your emails are hitting the junk folder.
There is a root certificate problem for wireless connections so try to connect by a hard line if available and/or refer the following article to the administrators:
http://support.microsoft.com/kb/2518158
Of course all this assumes you are not a high profile target who has annoyed the Russians in which case a directed attack might be possible too.
if your password is complex then it is not the password.
Direct access is a Microsoft Technology which is configured on the servers by Admins which basically allows you to access your files remotely which is the case.
The reason I said it is DA is because its uses NPS server to perform its tasks.
Have you tried speaking to the IT at uni whether they have recently done some updates or modified some settings etc. I bet that is the case.
It may be they have applied some stronger spam threshold to the emails UNI WIDE which in turn has caused your emails (legit ones) to end up in the junk email folder.
Direct access is a Microsoft Technology which is configured on the servers by Admins which basically allows you to access your files remotely which is the case.
The reason I said it is DA is because its uses NPS server to perform its tasks.
Have you tried speaking to the IT at uni whether they have recently done some updates or modified some settings etc. I bet that is the case.
It may be they have applied some stronger spam threshold to the emails UNI WIDE which in turn has caused your emails (legit ones) to end up in the junk email folder.
ASKER
Just to clarify: the junking occurs even after I have changed my password. You don't think it is phishing by an outsider who can read my passwords?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
if you are still getting issues then you may want to speak to the network admin at Birmingham uni.
NPS : that tells me that you are using DirectAccess of some kind to connect to the resources possibly from your laptop PC. The NPS (network policy server) has a checklist which it has to tick before it can let you logon to the resources.
If your PC (which I assume you are using) has some kind of virus on it or doesn't have certain patches installed on it then NPS server will deny access.
Hope this helps.