My Symantec 300 is logging the fact that access is denied to the admin console because of wrong username or password. It lists the source IP and its always a valid private address on my LAN! So far I've seen 4 different addresses listed. This all started about 2 weeks ago. WAN side admin is disabled. Remote desktop requires VPN to my RRAS server and its not logging any VPN connections at these times. Also the repetition of attempts is several per second so it must be program generated.
maybe someone is connecting wirelessly.
13th Feb 2008
We use Windows Live OneCare and it now probes firewalls/routers to insure the default password has been changed. Net idea for typical home users. We will get off of OneCare real soon because its just too much of a hassle in a business environment. But I do think it is a very good product for home users or very small businesses.
15th Feb 2008