RE: ntoskrnl.exe issue

From: Curt Purdy (purdyat_private)
Date: Thu Aug 30 2001 - 11:17:53 PDT


    99% of the time I have seen this, there is nothing wrong with NT or
    the disk at all.  It almost always is with the boot.ini settings not going
    to the right partition.  This can result from a number of reasons including
    one drive in a multi-drive setup being offline causing the rdisk number to
    be off by one.  Reseating the connectors on the drive/motherboard may fix it.
    
    Curt Purdy
    Information Security Engineer
    DP Solutions
    purdyat_private
    
    -------------
    
    "There is no patch for stupidity."
    
    
    -----Original Message-----
    From: R M [mailto:whisk3yat_private]
    Sent: Thursday, August 30, 2001 5:05 AM
    To: incidentsat_private
    Subject: ntoskrnl.exe issue
    
    
    All
    
    We have a W2K Small Business Server installed with Exchange 2000, IE 5.5,
    ISA 2000 [acting as a proxy server + packet filter], WebShield & NetShield
    4.5.
    
    The ISA packet filter was configured to permit outbound HTTP and two-way
    SMTP traffic.   2 of our servers crashed yesterday afternoon and we are now
    receiving error messages that ntoskrnl.exe is missing or corrupt.
    
    This is odd considering the two servers went down at similar times in two
    different remote locations.
    
    The anti-virus software was bang up-to-date with the latest engine and DAT
    files but I still think this may be some sort of vulnerability - can anyone
    help please?
    
    
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management
    and tracking system please see: http://aris.securityfocus.com
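
An added example, not part of either message above: a small Python check of the boot.ini cause described in the reply, where an offline drive shifts the rdisk() ordinal so the default ARC path no longer points at the system partition. The sample boot.ini and the detected_disks mapping are constructed for illustration, and only multi() paths are checked.

```python
import re

# Constructed sample: a two-disk server with Windows on the second disk.
SAMPLE_BOOT_INI = r'''[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(1)partition(1)\WINNT
[operating systems]
multi(0)disk(0)rdisk(1)partition(1)\WINNT="Microsoft Windows 2000 Server" /fastdetect
'''

# multi(W)disk(X)rdisk(Y)partition(Z)\path ; rdisk is 0-based, partition is 1-based
ARC = re.compile(
    r'multi\((\d+)\)disk\((\d+)\)rdisk\((\d+)\)partition\((\d+)\)(\\[^="]*)?', re.I)

def parse_boot_ini(text):
    """Return (default ARC path, ARC paths listed under [operating systems])."""
    section, default, entries = None, None, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()
        elif section == "boot loader" and line.lower().startswith("default="):
            default = line.split("=", 1)[1].strip()
        elif section == "operating systems":
            entries.append(line.split("=", 1)[0].strip())
    return default, entries

def check_default(text, detected_disks):
    """detected_disks maps rdisk ordinal -> partition count as enumerated now
    (hypothetical input the operator fills in from the controller/BIOS view)."""
    default, entries = parse_boot_ini(text)
    if default is None:
        return ["no default= line in [boot loader]"]
    findings = []
    if default.lower() not in (e.lower() for e in entries):
        findings.append("default does not match any [operating systems] entry")
    m = ARC.fullmatch(default)
    if not m:
        return findings + ["default is not a multi() ARC path; not checked"]
    rdisk, partition = int(m.group(3)), int(m.group(4))
    if rdisk not in detected_disks:
        findings.append(
            f"rdisk({rdisk}) not present; {len(detected_disks)} disk(s) detected")
    elif not 1 <= partition <= detected_disks[rdisk]:
        findings.append(f"partition({partition}) not present on rdisk({rdisk})")
    return findings
```

With both disks online the sample passes; with the first disk offline the remaining disk enumerates as rdisk(0) and the check reports that rdisk(1) is missing.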
    
    
    
    



    This archive was generated by hypermail 2b30 : Sat Sep 01 2001 - 10:37:02 PDT