Snort mailing list archives

Alerts from server to PC?


From: "Carlton L. Whitmore" <cwhitmore () Advocacyinc org>
Date: Tue, 31 Aug 2004 13:46:42 -0500

I've been getting several of these alerts a day. The IP that ends with
.9 is the server and .63 is the PC. What causes alerts going from the
server to the PC? The server is a Print/File W2k Server. 
Is there a way to block alerts that originate from certain IP addresses?


EVENT # : 198033 
EVENTLOG : Application 
EVENT TYPE : INFORMATION (4) 
SOURCE : snort 
EVENT ID : 1 
TIME : 8/16/2004 10:42:36 AM 
MESSAGE : [1:2404:5] NETBIOS SMB-DS Session Setup AndX request unicode
username overflow attempt [Classification: Attempted Administrator
Privilege Gain] [Priority: 1]: {TCP} 160.214.186.9:1894 ->
160.214.186.63:445

