My logs are full of this dude trying to get out. Anyone know what or who it is? Should I be concerned? Any help appreciated. Kansai
ff ff ff ff ff ff is a broadcast address in Ethernet (i.e. it reaches every other node in your local network). This is most likely to be DHCP (Dynamic Host Configuration Protocol - used to acquire an IP address and therefore both legitimate and necessary) but you would need to check the packet contents to be certain.
Use a packet sniffer like Ethereal or the Socket Spy function of Port Explorer. Edit: Socket Spy will only work with IP packets - you will probably need Ethereal. That broadcast packet could also have been an ARP request (see Address Resolution Protocol (arp) for more details).
MSSQL server.exe Must have been a leftover when I was using TrackIT (help desk software) in my diploma course at tech. Port explorer highlighted all the connections, I deleted the software and all is quiet in the logs again. Thanx for your time. Cheers. Kansai