Re: Multiple Failed Password Change Attempts!

From: a (a_at_a.com)
Date: 11/08/04 

Date: Mon, 8 Nov 2004 19:42:44 +0800

yes thats exactly what it was

i had a feeling it was a false alarm

thanks for the responses

"Roger Abell" <mvpNOSpam@asu.edu> wrote in message
news:%23OoicHLxEHA.4004@tk2msftngp13.phx.gbl...
> Are you sure about the time of these, as this is something one
> will see as a result for running MBSA with use of the option
> to check account passwords.
>
> --
> Roger Abell
> Microsoft MVP (Windows Server System: Security)
> MCSE (W2k3,W2k,Nt4) MCDBA
> "a" <a@a.com> wrote in message
> news:%23ihLVw%23wEHA.1292@TK2MSFTNGP10.phx.gbl...
> > In the last 2 months there have been two occasions on my Windows 2K Pro
> > machine in which many multiple change password attempts have been
recorded
> > in my security log. On both occasions about 50 change password attempts
> were
> > recorded, in rapid succession (1-2 seconds of each other), all against
my
> > local user accounts, being the guest account (renamed BrendanGuest,
> > passworded and disabled) as well as other user accounts. Interestingly
the
> > PETER user account present on my PC was not targeted at all - note that
> the
> > PETER PC is the ICS host and gateway to the internet in my LAN.
> >
> > Attached is an example from my security log of what has happened. As you
> can
> > see the change password attempts were down under my user name (I am the
PC
> > administrator) and using my privileges.
> >
> >
> > What on earth is going on here? Both times these things occurred I was
> > offline. I have run almost every security test/scan known to man
including
> > the Microsoft baseline security analyser to no avail.
> >
> > My PC specs are as follows:
> >
> > Win2K Pro SP4 completely up to date with all hotfixes
> > ZoneAlarm Pro 4.5.538.001 with auto-clean cache/cookies/temp every day
> > Norton Antivirus 2004 Pro completely up to date
> > Ad-aware 6, Spyware Blaster, SpyBot with host file locked/various other
> > security features completely up to date
> > Peerguardian
> >
> > Can someone enlighten me with this? All help appreciated.
> >
> >
> >
>
>

Relevant Pages

  • Re: OT: disabling APIs to prevent keystroke logging
    ... I have googled keylogging but there's a ton of info a mostly ads. ... I've dealt with security issues in my work as a software ... Researcher refutes Microsoft's account of hijacked Hotmail passwords ... passwords were obtained in a massive phishing attack. ...
    (alt.sys.pc-clone.dell)
  • RE: passwords in asp pages
    ... and using integrated security for connecting to the database- this will ... remove cleartext passwords from the files. ... grab the raw asp source from the server. ... to facilitate one-on-one interaction with one of our expert instructors. ...
    (Security-Basics)
  • Re: Oh Dear, Where to start?!
    ... > sort of security solution? ... > use, passwords, physical security, backup/disaster ... > admin, network admin, tech support, programming, and ... Theres lots of software out there for backups. ...
    (Security-Basics)
  • Re: Final Year Project Brainstorming
    ... An interesting and always relevant topic is passwords. ... with a real-life scenario where Ubuntu's security is better than Vista ... The computers were very old so they were told they would have to ... Figure the cost of IT person for Vista vs ...
    (Ubuntu)
  • [NT] Webserver 4D Weak Password Preservation Vulnerability
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... complete Web Server environment written entirely on top of 4th Dimension, ... WS4D web server saves the passwords somewhere insecure. ...
    (Securiteam)
Quantcast