our samba-servers are getting the following messages in the logs:
Feb 14 04:56:47 njord smbd[5767]: Your machine may be under attack by someone attempting to exploit an old bug.
Feb 14 04:56:47 njord smbd[5767]: Attack was from IP = x.x.x.225.
Feb 14 06:59:06 njord smbd[6026]: [2006/02/14 06:59:06, 0] smbd/reply.c
50)
Feb 14 06:59:06 njord smbd[6026]: ERROR: Invalid password length 4222.
Feb 14 06:59:06 njord smbd[6026]: Your machine may be under attack by someone attempting to exploit an old bug.
Feb 14 06:59:06 njord smbd[6026]: Attack was from IP = x.x.x.225.
Feb 14 07:18:41 njord smbd[6085]: [2006/02/14 07:18:41, 0] smbd/reply.c
50)
Feb 14 07:18:41 njord smbd[6085]: ERROR: Invalid password length 4222.
Feb 14 07:18:41 njord smbd[6085]: Your machine may be under attack by someone attempting to exploit an old bug.
Feb 14 07:18:41 njord smbd[6085]: Attack was from IP = x.x.x.225.
I have virusscan'ed and run ad-aware on the pc with IP x.x.x.225, but its still making log-entries.
Does anyone have any suggestions? its a win2k pc. our samba-servers are linux and hp-ux.