Security

There is an exploit out for RemoteAdmin 2.1 (and 2.0, AFAIK). It does allow remote code execution in the RemoteAdmin service. This is possibly what people are using against your servers.
There is NO new version of RemoteAdmin, nor a patch to fix this.
So, how can you protect your servers???
DON'T run RemoteAdmin on servers that you can connect to over the Internet!
It is a better thing to run a VPN connection into your network, then launch RemoteAdmin through the VPN tunnel. This way, you don't open the RemoteAdmin port on the machines at the firewall, so no Internet access to the port. Only VPN-authenticated users could connect to RA.

You can configure Radmin to use any port number you like if it's easier than using VPN - make it a bizarre number only your people know. You can also use NT security to restrict access.

There is also a new version of Radmin v3.0 which is currently in beta and which you get as a free upgrade from v2.1. I don't know whether it addresses this concern - but you could check it out:
http://www.famatech.com/radmin/new/

Windows 2000: install ISA services and include an access filter to just allow acess to port 4899 from selected IPs.