I am an IT person at a hospital and recently have found some interesting security logs in our server, which is 2003. It seems that someone has been attempting to hack into our network, I have their ips and everything and so far they are just using bogus account names. But since I found this I decided I better look around and see if anything else has happened and there seem to be a few unknown computers in a workgroup, not our domain, but in the workgroup. I have the computer names and they are very generic names, I can also get their ips. Basically I need to know how to get further details on them, such as possible clues to where they are and how they are connected to us, and how to remove them. As far as I know we do not have any open wireless connections, there is also a vpn connection but that has been disabled for the time being, and the firewall is setup to block pretty much all incoming connections.