| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 40684 | 2003-12-14 23:49:00 | Kerio-Incoming Connection Alert | Smurf (506) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 200566 | 2003-12-14 23:49:00 | This alert appeared on my computer from my installed Kerio Firewall ""Someone from smtp.nilfisk-advance.co.nz [210.54.118.121], port 500 wants to send UDP datagram to port 500 owned by 'LSA Shell (Export Version)' on your computer" Can someone interpret this for me and tell me if it is safe to permit such an alert ? Thanks Smurf |
Smurf (506) | ||
| 200567 | 2003-12-15 00:13:00 | Deny it. If you receive an incoming alert always deny unless it is for a program you know that you're using and will be needing an incoming connection. |
-=JM=- (16) | ||
| 200568 | 2003-12-15 00:46:00 | LSA Shell or lsass.exe is the Local Security Authority Service. It verifies the validity of user logons to your PC/Server. Port 500 is used for VPN (Virtual Private Networks) What is trying to happen is someone is trying to connect to you in a VPN type situation where they would have to login to have access your network. Unless you run a VPN, block it and disable the service if possible. You may find it in your Administrator Settings in Services. If you don't know what is what when configuring the firewall, don't permit it, and if a problem persists because of you not permitting it then allow it but first you should ask people whether to do it or not if you're unsure. |
Kame (312) | ||
| 200569 | 2003-12-15 01:58:00 | Thanks guys. Much appreciated. | Smurf (506) | ||
| 200570 | 2003-12-15 02:16:00 | I had the same thing happen to me about six weeks ago. It went on for over four hours, and I sent a copy of the relevant log entries to the ISP of the user. And someone here commented that I was another paranoid idiot with a personal firewall, or something like that. |
agent (30) | ||
| 1 | |||||