Strange things are happeneing to my little server....
I run a small Win2k SRV machine on my 768/128k DSL line and it also acts as a gateway running NAT routing for my local network. For a firewall I run BlackICE defender and the only service thats turned on is HTTP, all the other netservices have been turned off.
The strange things that have been happening to it is that one day I logged in and some how FTP was turned on. I usually check the HTTP logs daily and when I noticed that a FTP log was created I freaked out. According to the log, several people tried to login and create a file/folder, but were denied access.
Then I sometimes download stuff from WinMX only to find my computer in some chat room or in another screen than what I had left it at. Sometimes my download bandwidth gets cut in half and my upload speed is also mysteriously cut in half, like if someone was connected to it from the internet. I can reboot the machine and it gets backup to speed...
I have the latest version Win2k SRV SP2 with all the IIS patches and I have installed secruity rollup package. I run Macfee netshield sp1 with the latest DAT files and no viruss are found on my system.
The only ports open are 80,20/21 and 6699 for WinMX. All the rest have been blocked by Blackice. And I have disabled NetBIOS on the adaptor thats connected to my DSL modem.
I have terminal sevices enabled so I can administer my machine with out a monitor from inside the lan, but I made sure it only listens to reqests from inside the lan.
All my passwords are pretty complicated so I doubt anyone could guess them...
Anyone???
I run a small Win2k SRV machine on my 768/128k DSL line and it also acts as a gateway running NAT routing for my local network. For a firewall I run BlackICE defender and the only service thats turned on is HTTP, all the other netservices have been turned off.
The strange things that have been happening to it is that one day I logged in and some how FTP was turned on. I usually check the HTTP logs daily and when I noticed that a FTP log was created I freaked out. According to the log, several people tried to login and create a file/folder, but were denied access.
Then I sometimes download stuff from WinMX only to find my computer in some chat room or in another screen than what I had left it at. Sometimes my download bandwidth gets cut in half and my upload speed is also mysteriously cut in half, like if someone was connected to it from the internet. I can reboot the machine and it gets backup to speed...
I have the latest version Win2k SRV SP2 with all the IIS patches and I have installed secruity rollup package. I run Macfee netshield sp1 with the latest DAT files and no viruss are found on my system.
The only ports open are 80,20/21 and 6699 for WinMX. All the rest have been blocked by Blackice. And I have disabled NetBIOS on the adaptor thats connected to my DSL modem.
I have terminal sevices enabled so I can administer my machine with out a monitor from inside the lan, but I made sure it only listens to reqests from inside the lan.
All my passwords are pretty complicated so I doubt anyone could guess them...
Anyone???
Facebook
Twitter
Instagram