Anonymous LogOff and UDP Out Connections

["Mark Sargent" <powderkeg () snow email ne jp>]

Hi All,

When activating the LAN, I notice numerous UDP packet attempts to a number
of different IPs,

61.111.253.229
61.111.93.64
61.111.31.214

on the Host machine. All attempts are from the localhost on port 137 to
owner;stystem on 137. What are thse attempts. Also, I'm seeing numerous
LogOff alerts in Security Event Viewer.

User Logoff:
        User Name:      ANONYMOUS LOGON
        Domain:         NT AUTHORITY
        Logon ID:               (0x0,0xBC852)
        Logon Type:     3

User Logoff:
        User Name:      ANONYMOUS LOGON
        Domain:         NT AUTHORITY
        Logon ID:               (0x0,0xB9BB8)
        Logon Type:     3

User Logoff:
        User Name:      ANONYMOUS LOGON
        Domain:         NT AUTHORITY
        Logon ID:               (0x0,0xB1C26)
        Logon Type:     3

16 in the past 2-3hrs.

I'm also getting a lot of attempts from the Client, 192.168.0.2 to connect
to port localhost on port 53, UDP(there is no owner). What is all of this..?
I'm stealthed according to the security checks here on this site and
grc.com. Any help appreciated. Cheers.

OS = Win2kPro(both Host(192.168.0.1) and Client(192.168.0.2))
Firewall = Kerio
Connection = ISDN


---------------------------------------------------------------------------
Captus Networks 
Are you prepared for the next Sobig & Blaster? 
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans 
 - Precisely Define and Implement Network Security 
 - Automatically Control P2P, IM and Spam Traffic 
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit 
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------