Port Scanning

I was notified by a network administrator that one of our servers is
running a full port scan on their network. How can I detect how this is
being done on our server. They sent a log that shows the Time Stamp,
Attack, Source IP, and Destination IP.

The server is a Windows 2000 server with IIS 5.0.