Think I am Being Hacked Into

[vich]

I happened to look at my terminal server licensing screen and noticed some weird "Issued to" names for temporary licenses. I am guessing someone is somehow hacking into our system. I tried security log and system event log around the times the licenses were issued but didn't see anything out of the ordinary.

We do allow VPN access to our network an am sure we don't have the most secure network. I am not sure where to look to figure out how to shut down the access. Our ISP comes through a Netopia DSL and we have a Linksys Wireless Router acting as the VPN.

We only have a few outsiders which should have access.

Any help would be appreciated.

 

[NortonES2]

Change the port that the terminal server listens on from 3389 to something high like 44444. You also need to check your firewall config and logs.

-------------------------------

If it doesn't leak oil it must be empty!!