I recieved this from a friend. Read over and look at the photo. Tell me what you all think.
Here is the pic of the scan I did on the IP. It has been blured out. . . along with a few other things. . .I got the pics..thanks man...I disabled the web accounts, because I wasn't using the IIS any more..I also always disable the guest account...I'm not really sure what this is...The info I am getting from my event viewer is that someone or something is trying to get on the server with the admin login from about 1:00 am to about 2:00am..It has happened about three or four times now...The info stated that it was coming from dcom. I have beem looking into this and have seen many applications running through dcom that are not labled. I tryed to delete them or remove them from the dcom service, but it wouldn't let me. They do not have any names for me to search and delete the main program. It only says remote computer..My computer is also a dhcp server, and There has been alot of remote ip handed out..When there is no reason for that now...I have been wanting to put Black Ice on the pc, but I'm not sure if it will work on the server(NT) or not..Plus not sure how much of a load that will add to it....
Click Here for Pic
BTW: Hello all. Been a while since I posted. How is everyone?
Reply With Quote