Hey all, This is really off topic, but I am having problems find a solution.
There are a number of workstations that are repeatedly trying to hack my admin password on two of my subnets. I can see when they try their password attempts and they are using basic Microsoft Authentication. However the Event Viewer only gives me the workstation name (and the domain/work group name which is the same as the workstation name). Does anyone have any suggestions as to how I could pin down an IP address. The nature of these attempts (and timing) could point out that some student either has been hacked or is purposely running these. As such, if I can discern an IP address I can put an end to them. Thanks, Chuck _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]