Solved

What does my windows security alert mean?

Posted on 2014-03-03
9
455 Views
Last Modified: 2014-05-11
My University account has been behaving strangely recently with a certain pattern to it, namely that 'important' contacts have been assigned to Junk Mail. This is impossible for me to do without making a deliberate decision and I haven't done this. So it seems likely someone has been able to access my password.
The other day I logged on to my account at the Uni and tried to access a powerpoint file and I got the following message:
"Windows Security Alert: The connection attempt could not be completed."
It then gave the following information:
Radius server: itstrad1.bham.ac.uk
Root CA: AddTrust External CA Root
"The server "itstrad1.bham.ac.uk" is not configured as a valid NPS server to connect to for this profile"
Is this hacking/phishing? And if so, what can I do to discover who is doing it?
0
Comment
Question by:acquisitive
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
9 Comments
 
LVL 19

Expert Comment

by:Kash
ID: 39900398
first things first. You need to change your login password to a complex one.

if you are still getting issues then you may want to speak to the network admin at Birmingham uni.

NPS : that tells me that you are using DirectAccess of some kind to connect to the resources possibly from your laptop PC. The NPS (network policy server) has a checklist which it has to tick before it can let you logon to the resources.

If your PC (which I assume you are using) has some kind of virus on it or doesn't have certain patches installed on it then NPS server will deny access.

Hope this helps.
0
 

Author Comment

by:acquisitive
ID: 39900427
Kash
my password is complex, very complex, and I have also changed it but the phishing continues.
What is DirectAccess?. I do indeed connect to the system via my laptop and usually remotely, but this time it was in my office.
I have two antivirus programs on my computer, Norton and Superantispyware, so I don't think it's a virus.
please respond.
0
 

Author Comment

by:acquisitive
ID: 39900431
And also, this alert has never appeared before. And how do you explain the access to my email to change mail to Junk? And how do you explain changing my password does not affect the process of junking?
0
Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

 
LVL 19

Expert Comment

by:regmigrant
ID: 39900479
If your password is complex, you haven't given it out to anyone and we can assume that the Uni is not compromised then I think its unlikely you have been hacked. A Trojan also seems like a remote possibility given your available security.

If there is a problem with the certificate chain then its possible your profile has been 'blacklisted' (probably not the correct term in this case but you see what I mean) locally and that's why your emails are hitting the junk folder.

There is a root certificate problem for wireless connections so try to connect by a hard line if available and/or refer the following article to the administrators:
http://support.microsoft.com/kb/2518158

Of course all this assumes you are not a high profile target who has annoyed the Russians in which case a directed attack might be possible too.
0
 
LVL 19

Expert Comment

by:Kash
ID: 39900529
if your password is complex then it is not the password.

Direct access is a Microsoft Technology which is configured on the servers by Admins which basically allows you to access your files remotely which is the case.

The reason I said it is DA is because its uses NPS server to perform its tasks.

Have you tried speaking to the IT at uni whether they have recently done some updates or modified some settings etc. I bet that is the case.

It may be they have applied some stronger spam threshold to the emails UNI WIDE which in turn has caused your emails (legit ones) to end up in the junk email folder.
0
 

Author Comment

by:acquisitive
ID: 39915232
Just to clarify: the junking occurs even after I have changed my password. You don't think it is phishing by an outsider who can read my passwords?
0
 
LVL 19

Accepted Solution

by:
regmigrant earned 500 total points
ID: 39917057
No password/encryption system is 100% effective but unless you have reason to believe you are being specifically targeted by someone with high level access to UNI servers (or a government) I would look elsewhere. However changing your password won't change the white/black lists applied by the mailbox scanner that is doing the junking - even if YOU mark them as trusted it may be that their domains have been identified as spam from outside the University -
http://whatismyipaddress.com/blacklist-check

The problem with the powerpoint is more likely a change in policy or certificates as outlined by Kash
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
PCAnywhere 2 158
Best secure sending email service 1 80
What is CEO Fraud? 8 119
is this a virus? 3 111
The new Microsoft OS looks great, is easier than ever to upgrade to, it is even free.  So what's the catch?  If you don't change the privacy settings, Microsoft will, in accordance with the (EULA) you clicked okay to without reading, collect all the…
Explore the encryption capabilities built into Google Apps and how these features can help you meet privacy policy and regulatory compliance, but are not a full solution. Understand and compare the most popular email encryption services for Google A…
The viewer will learn how to simulate a series of sales calls dependent on a single skill level and learn how to simulate a series of sales calls dependent on two skill levels. Simulating Independent Sales Calls: Enter .75 into cell C2 – “skill leve…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question