i can see such info in win2k system log (security log):
successful network logon : user:IUSR_Server domain:Server logon ID:(0x0,0x9D3DD)
logon model: 3 logon procedure: IIS
how this happen?can they really logon my system? what can they do on my machine? i have stoped the SERVER process.but the same infomation still happen at about 03:00~05:00.
what can i do then?i want to make my system more strong.