Re: How to find the IP of someone trying to Breakin?
From: Steven L Umbach (n9rou_at_n0-spam-for-me-comcast.net)
Date: 01/28/05
- Next message: Steven L Umbach: "Re: security for selected folders"
- Previous message: Steven L Umbach: "Re: How to locate the source of an account being locked out?"
- In reply to: josh82443: "How to find the IP of someone trying to Breakin?"
- Next in thread: Teething: "Re: How to find the IP of someone trying to Breakin?"
- Reply: Teething: "Re: How to find the IP of someone trying to Breakin?"
- Reply: Teething: "Re: How to find the IP of someone trying to Breakin?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 27 Jan 2005 18:45:19 -0600
First check the configuration of your router. By default NAT router will
block all uninitiated inbound traffic. You can go to a site such as
http://scan.sygatetech.com/ to see how well your firewall is configured and
any open ports could be the cause of the unwanted access. If your router is
able to log inbound traffic you may be able to pinpoint the IP address by
looking at entries in the firewall log that correspond to the failed logon
attempts by time . I would also check your computer for viruses and
parasites [with latest definitions/signatures] in case you have a "backdoor"
installed that may bypass your firewall to phone home. If you installed a
personal firewall such as Sygate on your computer [even temporarily] it
probably would show the IP address and the application that the attacker is
trying to access or the backdoor that is trying to phone home. Sygate has
extensive logging. --- Steve
"josh82443" <josh82443@discussions.microsoft.com> wrote in message
news:92BB1248-87EC-4013-AF24-B89FF637D91C@microsoft.com...
> Hi I'm working with Windows 2000 Server with SP4. My problems is that
> someone
> is trying to loggin to my account. when looking in the event Security log
> I
> find the Name that they are trying to use to loggin and the work station
> name. But nothing that really helps me out. Since the user is trying to
> gain
> access from the outside. what I need is some helpful information like IP
> address of the person trying to loggin, How they are trying to loggin.
> That
> kind of information. If I had the IP address I could block them at the
> router.
>
> Thank you for your Time & Help
> Josh
- Next message: Steven L Umbach: "Re: security for selected folders"
- Previous message: Steven L Umbach: "Re: How to locate the source of an account being locked out?"
- In reply to: josh82443: "How to find the IP of someone trying to Breakin?"
- Next in thread: Teething: "Re: How to find the IP of someone trying to Breakin?"
- Reply: Teething: "Re: How to find the IP of someone trying to Breakin?"
- Reply: Teething: "Re: How to find the IP of someone trying to Breakin?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
