when i run netstat -a on my win2003 server i get a lot of results similar to the following sample (i've XXXd out the real names)
TCP MYSERVER:ms-sql-s ns.XXX.co.uk:5432 TIME_WAIT
TCP MYSERVER:ms-sql-s ns.XXX.co.uk:5968 TIME_WAIT
TCP MYSERVER:ms-sql-s ns.XXX.co.uk:5994 TIME_WAIT
where MYSERVER is my server machine name and ns.XXX.co.uk is an address that ive no idea why it would be showing up here. again, its not really XXX.co.uk - i just didnt want to type in the real name here. there about 150 of these types of entries
i have the server monitored daily and im pretty sure the ports are locked down, but im still concerned that this might be a potential security problem - please explain or let me know your thoughts - do i need to do anything? if so, what?