• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 220
  • Last Modified:

domain controler port scanning one computer on network

I have vpn conections through sonicwall tz170's from our head office to our branches.  Recently one of our sonicwalls started reporting that our 2003 domain controler was port  scanning one of the computers at a branch.  It is only one computer and is always the same every 15min to an hour.  here is a what the sonicwall warning says "08/25/2004 15:58:29.336 -       Possible port scan dropped -       Source:*.*.151.1, 53, WAN -       Destination:*.*.155.39, 1226, LAN -       TCP scanned port list, 1219, 1219, 1219, 1219, 1219 - "  the port does not stay the same it goes from 1100 or so to 4000 or so.  climbs and then starts over again.  This computer is not on the domain but is is a 2000 box that is actually just a dumb terminal that is used to connect to a terminal server.  The *.*.151.1 is one of our domain controlers.  It has been scaned for viruses and come up clean.  But I do not think it is a virus problem becasue it is centered around just one computer.  We have identical systems at other branches with sonicwalls there and do not have the same problem.  Any suggestions would be greatly apreciated.
0
walub
Asked:
walub
1 Solution
 
ErikPhilipsCommented:
Did you also check for trojans and IE crapola?  Try using spybot search and destroy

http://www.safer-networking.org/en/index.html
0
 
walubAuthor Commented:
I figured out what the problem. it was that the systems still had the extention .mydomain.com under computername; networkid.  thanks for the attempt though.
0
 
moduloCommented:
PAQed with points refunded (250)

modulo
Community Support Moderator
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now