I ran Nmap on my network and found a laptop with something odd:
Port - 420/tcp
State - filtered
Service - smpte
What's odd is the machine is a Windows 2000 workstation with a couple of shared folders. The machine has file and print sharing enable and the workstation service is running, so the very least ports 135 & 139 should be opened. This is the only computer, out of a hundred pc's scanned, in the report like this.
The system has the latest patches from microsoft, McAfee virus scan did not report any viruses and SpySweeper did not find anything out of the ordinary.
The user of this coputer has been getting over seventy pieces of SPAM a day (in our enviroment that is excessive).
Should I be concerned about this computer.
Also I believe there is a system on the network that is spamming my users from inside the domain.
Port - 420/tcp
State - filtered
Service - smpte
What's odd is the machine is a Windows 2000 workstation with a couple of shared folders. The machine has file and print sharing enable and the workstation service is running, so the very least ports 135 & 139 should be opened. This is the only computer, out of a hundred pc's scanned, in the report like this.
The system has the latest patches from microsoft, McAfee virus scan did not report any viruses and SpySweeper did not find anything out of the ordinary.
The user of this coputer has been getting over seventy pieces of SPAM a day (in our enviroment that is excessive).
Should I be concerned about this computer.
Also I believe there is a system on the network that is spamming my users from inside the domain.