<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE id=ridTitle>Blank</TITLE>
<META http-equiv=Content-Type content="text/html; charset=windows-1252"><BASE
href="file://C:\Program Files\Common Files\Microsoft Shared\Stationery\">
<STYLE>BODY {
MARGIN-TOP: 25px; FONT-SIZE: 10pt; MARGIN-LEFT: 25px; COLOR: #000000; FONT-FAMILY: Arial, Helvetica
}
P.msoNormal {
MARGIN-TOP: 0px; FONT-SIZE: 10pt; MARGIN-LEFT: 0px; COLOR: #ffffcc; FONT-FAMILY: Helvetica, "Times New Roman"
}
LI.msoNormal {
MARGIN-TOP: 0px; FONT-SIZE: 10pt; MARGIN-LEFT: 0px; COLOR: #ffffcc; FONT-FAMILY: Helvetica, "Times New Roman"
}
</STYLE>
<META content="MSHTML 6.00.2900.2802" name=GENERATOR></HEAD>
<BODY id=ridBody bgColor=#ffffff
background=cid:00c701c62cc2$dddfb120$0302a8c0@Sanity>
<DIV>Hi Ed (and everyone)</DIV>
<DIV> </DIV>
<DIV>Since it was my thread that was in question, I spent the better part of
this morning trying to get to the bottom of this. </DIV>
<DIV> </DIV>
<DIV>Answer: it's not an attack, it's a quirk with Norton. Sometimes Norton
can't tell the difference between a "real" attack and an attempt to look for
cookies for faster uploads, etc. It's one reason I don't use Norton anymore.
It's a great program, but the firewall section leaves a lot to be desired.
</DIV>
<DIV> </DIV>
<DIV>Also realize that if there is a ligitimate intrusion/attack, like an
email virus, some are written to randomly "blame" something else to mask it's
true information. </DIV>
<DIV> </DIV>
<DIV>Rest assured, there's nothing wrong with the pic itself, or anything in the
thread. But thanks for the heads up!</DIV>
<DIV> </DIV>
<DIV>-Mike</DIV>
<BLOCKQUOTE
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV
style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black"><B>From:</B>
<A title=ed_alt@hotmail.com href="mailto:ed_alt@hotmail.com">Ed Alt</A> </DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A
title=nsrca-discussion@lists.nsrca.org
href="mailto:nsrca-discussion@lists.nsrca.org">NSRCA Mailing List</A> </DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Wednesday, February 08, 2006 8:00
AM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> [NSRCA-discussion] Denial of
Service attack on RCU</DIV>
<DIV><BR></DIV>
<DIV>Hi there, this is both a friendly warning as well as a request to get an
email address to contact someone at RCU. I just had Norton Firewall
detect and block an intrusion attempt, apparently from RCU's server.
Details:</DIV>
<DIV> </DIV>
<DIV>IP address 67.15.230.18, node name image.rcuniverse.com, sent a
MSSQL_NULL_Packet_DoS attack to my computer when I clicked on the
following image in the Pattern forum, thread "RE: Black Magic v2 builder's
thread! *Updated*": <A
href="http://image.rcuniverse.com/forum/thumbnails/166073/Ay74527.jpg">http://image.rcuniverse.com/forum/thumbnails/166073/Ay74527.jpg</A></DIV>
<DIV> </DIV>
<DIV>Norton firewall lists IP address 67.15.230.18 as the most frequent
attacker, with the latest attack on 2/8/2006 at 7:44:58 AM.</DIV>
<DIV> </DIV>
<DIV>Be careful, it looks like it eminates from there. I hope they can
find the problem soon, but they need to be notified.</DIV>
<DIV> </DIV>
<DIV>Thanks</DIV>
<DIV>Ed</DIV>
<P>
<HR>
<P></P>_______________________________________________<BR>NSRCA-discussion
mailing
list<BR>NSRCA-discussion@lists.nsrca.org<BR>http://lists.nsrca.org/mailman/listinfo/nsrca-discussion</BLOCKQUOTE></BODY></HTML>