Re: Can Somone Tell Me If We Have a Hacker?
- From: "Steven Burn" <somewhere@xxxxxxxxxxxxxxx>
- Date: Tue, 27 Jun 2006 21:04:07 +0100
Been getting quite a few of these myself ..... everything from IIS to FTP to
SMTP (most common is my SMTP server). As with yourself however, I tend to
use quite complex pw's that are changed twice daily.
--
Regards
Steven Burn
Ur I.T. Mate Group
www.it-mate.co.uk
Keeping it FREE!
"razor" <razor@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:7BF4A62E-0BE8-4A57-AD23-147AA71AB5C3@xxxxxxxxxxxxxxxx
Hello--to
I am pasting an event log from our IIS/web server that repeats about 50
times every day during non-business hours. Our SQL administrator seems to
believe that somone is trying to hack into our system via FTP.
Can somone tell me if the below is a hacker, and what we can do about it?
Event Type: Warning
Event Source: MSFTPSVC
Event Category: None
Event ID: 100
Date: 6/25/2006
Time: 12:45:25 PM
User: N/A
Computer: PWARDELLIIS
Description:
The server was unable to logon the Windows NT account 'Administrator' due
the following error: Logon failure: unknown user name or bad password.The
data is the error code.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2e 05 00 00 ....
Many thanks,
sd
.
- Prev by Date: Re: Renew certificate
- Next by Date: Re: The IIS service does not seem to be serving up .asmx or .asp p
- Previous by thread: Re: Can Somone Tell Me If We Have a Hacker?
- Next by thread: Re: Can Somone Tell Me If We Have a Hacker?
- Index(es):
Relevant Pages
|
