I discovered Trusted Domain issue when I installed LANguard and did a scan on my network. On one system it looks like �crLE?�, the next like �crLE?�, the next like �crLE??, and each one is slightly different, even after rebooting or rescanning the network.(more examples below) I was told by a security expert here in town that this was the Sadmine IIS virus, but after reading all I could I can’t confirm this.
I rebuilt a server and installed the corporate version of Symantec’s Enterprise Virus protection program ver 7.6. This did not even detect what this thing is. I had some issues with the systems after we got DSL, so when we switched to MPower DSL we used a Netopia 9100 and created some simple firewall policies, but I found it was not processing the info fast enough. At this point we got a Cisco PIX506 which processes the firewall policy quickly and delivers content faster. Since the installation of the PIX I have never recieved another alert on BlackICE or Zone Alarm. Testing with http://grc.com or http://scan.sygatetech.com/stealthscan.html could not find a hole. I have even stayed current with all the MS updates (which disappoints me to no end that the current news is this is not a good idea, due to one patch may undo another previous patch). But reguardless I believe I have a stable relatively secure setup in which common kiddie hackers won’t play with. I just don’t know what to do at this moment, some one must know
what this is so I can feel relatively safe putting my web server back online.
Thanks,
William Burdine
IS Manager – Alvarado Pharmacy
�crLE?�
?crLE?�
�crLE?�
�crLE ?
?crLE?�
�crLEp
