Solved

domain controler port scanning one computer on network

Posted on 2004-08-25
4
209 Views
Last Modified: 2010-04-11
I have vpn conections through sonicwall tz170's from our head office to our branches.  Recently one of our sonicwalls started reporting that our 2003 domain controler was port  scanning one of the computers at a branch.  It is only one computer and is always the same every 15min to an hour.  here is a what the sonicwall warning says "08/25/2004 15:58:29.336 -       Possible port scan dropped -       Source:*.*.151.1, 53, WAN -       Destination:*.*.155.39, 1226, LAN -       TCP scanned port list, 1219, 1219, 1219, 1219, 1219 - "  the port does not stay the same it goes from 1100 or so to 4000 or so.  climbs and then starts over again.  This computer is not on the domain but is is a 2000 box that is actually just a dumb terminal that is used to connect to a terminal server.  The *.*.151.1 is one of our domain controlers.  It has been scaned for viruses and come up clean.  But I do not think it is a virus problem becasue it is centered around just one computer.  We have identical systems at other branches with sonicwalls there and do not have the same problem.  Any suggestions would be greatly apreciated.
0
Comment
Question by:walub
4 Comments
 
LVL 4

Expert Comment

by:ErikPhilips
Comment Utility
Did you also check for trojans and IE crapola?  Try using spybot search and destroy

http://www.safer-networking.org/en/index.html
0
 

Author Comment

by:walub
Comment Utility
I figured out what the problem. it was that the systems still had the extention .mydomain.com under computername; networkid.  thanks for the attempt though.
0
 

Accepted Solution

by:
modulo earned 0 total points
Comment Utility
PAQed with points refunded (250)

modulo
Community Support Moderator
0

Featured Post

New My Cloud Pro Series - organize everything!

With space to keep virtually everything, the My Cloud Pro Series offers your team the network storage to edit, save and share production files from anywhere with an internet connection. Compatible with both Mac and PC, you're able to protect your content regardless of OS.

Join & Write a Comment

Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now