Re: weird security logs

From: Alissa (shauna@tds.net)
Date: 11/07/02 

From: "Alissa" <shauna@tds.net>
Date: Thu, 07 Nov 2002 18:38:02 GMT

>>You should not set RestrictAnonymous to 2. It is not a supported
configuration.

Hmm...if it is not supported by Microsoft Windows, why is it a configuration
that you are able to select?

"Eric Fitzgerald [MS]" <ericf@online.microsoft.com> wrote in message
news:3dc19033$1@news.microsoft.com...
> You should not set RestrictAnonymous to 2. It is not a supported
> configuration.
>
> Removing "Everyone" from "Access this computer from network" might work,
but
> might also have unintended side effects, but is a better solution.
>
> Eric
>
> "NeoSadist" <neos@dist> wrote in message
> news:us14re2b65h79d@corp.supernews.com...
> >
> > "Eric Fitzgerald [MS]" <ericf@online.microsoft.com> wrote in message
> > news:3dc07d97$1@news.microsoft.com...
> > > Usually this is the browser service. If you want to experiment, turn
> off
> > > the browser service on all your machines (just stop it, don't disable,
> no
> > > reboot required, and restart it when you're done testing).
> > >
> > > You can make sure that anonymous is not getting any unnecessary
> privileges
> > > by setting RestrictAnonymous to 1.
> > >
> > > Eric
> > >
> > > "NeoSadist" <neos@dist> wrote in message
> > > news:us0cvrrpqpjc44@corp.supernews.com...
> > > > I'm getting a lot of authentication logs in the security logs on an
> > > > ANONYMOUS user logging into my computers on win2k peer to peer
> workgroup
> > > > connected to a linksys router. They're success logs, with a type 3
> > login.
> > > > Does anyone know where I can learn how to decipher the event logs?
I
> > > don't
> > > > know what the event ID's mean either.
> > > >
> > > >
> > >
> > >
> >
> >
> > It's on restrictanonymous = 2 (no access without explicit permissions)
and
> > my security log logs when both login types have either success or
failure.
> > I remove the everyone group from "Access this computer from the
network".
> > So then I guess it's services and browser stuff. I guess it's cause I
> have
> > my local security policy \ local policies \ audit policy settings to
> success
> > and failure on both account logon events and logon events. I'll try
> > disabling the audit success on both and audit just fail. Thanks for
> helping
> > me to figure it out!
> >
> >
>
>

Relevant Pages

  • Re: weird security logs
    ... Internal communication issues here at Microsoft- we're a big company and ... obscure security settings. ... Even though the configuration setting is available, ... >>> my security log logs when both login types have either success or ...
    (microsoft.public.win2000.security)
  • Re: basic networking and X
    ... configuration, and hopefully some development. ... howto from http://www.minixtips.com/2006/06/running-minix-under-qemu.html, ... but I haven't had any success getting the network card to work or ...
    (comp.os.minix)
  • 5.25" Floppy Drive
    ... I need to add a 5.25" drive to my Win XP Pro system. ... success. ... The BIOS does provide an option for a 5.25" floppy. ... but when I try to add the 5.25" (any configuration on the ...
    (microsoft.public.windowsxp.hardware)
  • Printer configuration.
    ... I never have success following the ... I did the simple configuration it describes and when I ... there is communication between it and the machine through the device ulpt0. ...
    (freebsd-questions)
  • Re: AD/Simple bind - Why "user DN" fails, but "UPN-format" works?
    ... configuration of AD itself might be causing this behavior? ... if one configuration were using an integrated DNS server ... When you say "try auditing logon events on the DC", ...
    (microsoft.public.windows.server.active_directory)