Re: Security events with same timestamp
- From: Harlan Carvey <keydet89@xxxxxxxxx>
- Date: Wed, 28 Dec 2005 07:17:48 -0800 (PST)
> There are "User Logoff" and "Successful Logon"
> events with the same timestamp in the security log.
> Can some explain this.
There isn't enough information available to explain
anything...
What type of system is the Event Log in question from?
Is it a PDC/BDC?
What other information is available in the event
records? Are all of these records for the same user?
>From the same system? Are they local or network
logins?
------------------------------------------
Harlan Carvey, CISSP
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com
http://windowsir.blogspot.com
------------------------------------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- Follow-Ups:
- Security templates and settings in Windows XP
- From: Bill Busby
- Security templates and settings in Windows XP
- References:
- Security events with same timestamp
- From: nandini_pani
- Security events with same timestamp
- Prev by Date: SecurityFocus Microsoft Newsletter #270
- Next by Date: Re: Security events with same timestamp
- Previous by thread: Security events with same timestamp
- Next by thread: Security templates and settings in Windows XP
- Index(es):
Relevant Pages
|
