Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

RE: ntoskrnl.exe issue

From: "Curt Purdy" <purdy () tecman com>
Date: Thu, 30 Aug 2001 13:17:53 -0500
99% of the times I have seen this is when there is nothing wrong with NT or
the disk at all.  It almost always is with the boot.ini settings not going
to the right partition.  This can result from a number of reasons including
one drive in a multi-drive setup being offline causing the rdisk number to
be off one.  Reseating the connectors on the drive/motherboard may fix it.

Curt Purdy
Information Security Engineer
DP Solutions
purdy () tecman com

-------------

"There is no patch for stupidity."


-----Original Message-----
From: R M [mailto:whisk3y () hotmail com]
Sent: Thursday, August 30, 2001 5:05 AM
To: incidents () securityfocus com
Subject: ntoskrnl.exe issue


All

We have a w2k small business server installed with Exchange 2000, ie 5.5,
ISA 2000 [acting as a proxy server + packet filter], webshield & netshield
4.5.

The ISA packet filter was configured to permit outbound http and two way
smtp traffic.   2 of our servers crashed yesterday afternoon and we are now
receiving error messages about the ntoskrnl.exe is missing or corrupt.

This is odd considering the two servers went down at similar times in two
different remote locations.

The anti-virus software was bang up-to-date with the latest engine and dat
files but I still think this may be some sort of vulnerability - can any one
help please?

_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: