Somebody bruteforcing my password

[MasteriZ]

Hello

does anybody have an idea how to get an ip address of the
person responsible for bruteforcing my passwd? It seems
that event logger doesn't log the source of the malicious
packet... :\

Thanx in advance,
MasteriZ

 

[MasteriZ]

-----Original Message-----
Mmm seems unlikely that anyone's doing that....

You're not on dial-up, right?

Are you using the built-in Windows XP Internet Connection Firewall (ICF)?
Or something else....

For ICF:
1) Go to your Network Connections (in Control Panel), r- click, and select
Properties
2) Click the Advanced tab, then click Settings
3) Then, click the Security Logging tab
This tells you where your log file goes (it's plain text), and what its name
is. You'll want to enable connection logging.

But I still have my doubts that it's happening.

What makes you think it is? Anything specific?


Good luck,
-Lawrence in Seattle

actually, i'm administering a lan (~60 users) and i'm
using the pc with WinXP as a workstation. So it's quite
possibe that some users (hackers-wannabes) are hoping to
gain access to routers, etc. by first gaining access to
my workstation. anyways, my system security log is
filled "logon failed" - 3 tries (until account locks out)
in one minute. Because I'm in lan, i don't want to use
ICW - i'm just too lazy to enable file&print sharing,
local net chat etc. ;-)
anyway, thanks for advice, but i think i'll just keep
sniffing myself for suspicious netbios sessions

Thank you,
MasteriZ