Hey guys, could use your help... here is my problem:
I am running a Win2K Server Network at home and have 3 client computers. I am using a Linksys router and have not set up Active Directory. I was running IIS for a while but took it down recently.
All of a sudden like 3 days ago all of these logon attempts show up in my security log and I have no idea where they are coming from. I used shields-up and supposedly all of my ports are stealthed... There is incoming activity that was logged at the router with destination ports 2427, 2416, and 137.
I know that 137 is the net-bios port. How can I make sure that it is not open to the internet (137-139 and 445)??? and how can I get more information about the failed logins?
I am running a Win2K Server Network at home and have 3 client computers. I am using a Linksys router and have not set up Active Directory. I was running IIS for a while but took it down recently.
All of a sudden like 3 days ago all of these logon attempts show up in my security log and I have no idea where they are coming from. I used shields-up and supposedly all of my ports are stealthed... There is incoming activity that was logged at the router with destination ports 2427, 2416, and 137.
I know that 137 is the net-bios port. How can I make sure that it is not open to the internet (137-139 and 445)??? and how can I get more information about the failed logins?