Security Incidents mailing list archives

Re: isakmp

From: Valdis.Kletnieks () vt edu
Date: Thu, 02 Aug 2001 15:21:57 -0400

On Thu, 02 Aug 2001 13:46:32 CDT, baudendist () primary net  said:

Yea... We were watching this yesterday... It looks like the packets are
coming from WIN2K IPSec enabled web servers... It goes back to the 19th...
VPN??? WIN2K interaction with the worm?  Incidental? Who knows????


Isn't there a configure tab in the TCP control panel that has a checkbox
to force it to always try to negotiate IPSec first?  Could it just be
CodeRed running on a box that has this set?
-- 
                                Valdis Kletnieks
                                Operating Systems Analyst
                                Virginia Tech

Attachment: _bin
Description:

Current thread:

isakmp Suzi VP (Aug 02)
- <Possible follow-ups>
- RE: isakmp baudendist (Aug 02)
  - Re: isakmp Valdis . Kletnieks (Aug 03)
- RE: isakmp Portnoy, Gary (Aug 02)