ANONYMOUS LOGON
From: Mark Warbeck (mwarbeck@adelpia.net)
Date: 01/02/03
- Next message: Robin Twiggs: "Re: IPSEC Filter"
- Previous message: anonymous: "VPN Server in AD Problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Mark Warbeck" <mwarbeck@adelpia.net> Date: Thu, 2 Jan 2003 10:36:30 -0500
I run a AD tree with 3 DCs. It's running in mixed mode. All clients are W2K.
I keep getting these anonymous logon entries in my security logs. Here are
two one such entries, one a log on and one a log off:
Event Type: Success Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 538
Date: 1/2/2003
Time: 10:26:12 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: N301-01
Description:
User Logoff:
User Name: ANONYMOUS LOGON
Domain: NT AUTHORITY
Logon ID: (0x0,0x733FAB4)
Logon Type: 3
Event Type: Success Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 538
Date: 1/2/2003
Time: 9:02:03 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: N301-01
Description:
User Logoff:
User Name: ANONYMOUS LOGON
Domain: NT AUTHORITY
Logon ID: (0x0,0x72A0BD9)
Logon Type: 3
What's generating these entries? I don't allow any anonymous access (at
least I don't think I do).
-- -- Mark Warbeck mailto: mwarbeck@adelphia.net
- Next message: Robin Twiggs: "Re: IPSEC Filter"
- Previous message: anonymous: "VPN Server in AD Problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
