Finding out particular admin username!
From: SvS (sevims@olisys.com)
Date: 10/13/02
- Next message: DEREK BURGESS: "HOAX VIRUS"
- Previous message: Rene Bunster: "Unauthorized Creation of Dial-up Connection"
- Next in thread: Dmitry Kulshitsky: "Re: Finding out particular admin username!"
- Reply: Dmitry Kulshitsky: "Re: Finding out particular admin username!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "SvS" <sevims@olisys.com> Date: Sun, 13 Oct 2002 04:02:45 -0400
Guys, I've been maintaining couple of Windows 2000 Advanced Servers and
using terminal services to administer them. Since terminal service is wide
open to internet, I decided to log the bad username/password attempts to
it. One result really scared the hell out of me.. I'm using very unique
administrator username , (I changed the administrator account username ) and
a very unique password to it.
I was going thru the logs today and noticed that somebody from outer
internet, knew my admin username!!!!.. From the logs I can only see the
usernames and the IP addresses of the user connecting from. I can't see what
password he tried, but he definitely knew my admin username which he MUST
have extracted from somewhere.. There is absolutely no way, I mean NO WAY he
could guess it...
Now, I'm curios if there is a bug in my server. All the security patches
everything is upto date. But I guess this is not enough, Anybody have an
idea, how might be this happening ?
Thank you in advance,
PS : Servers have netbios ports are opened but no anonymous access is
allowed. Shared to everyone however.
- Next message: DEREK BURGESS: "HOAX VIRUS"
- Previous message: Rene Bunster: "Unauthorized Creation of Dial-up Connection"
- Next in thread: Dmitry Kulshitsky: "Re: Finding out particular admin username!"
- Reply: Dmitry Kulshitsky: "Re: Finding out particular admin username!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
