Re: LSASRV - Event ID 40968...

From: "Roger Abell [MVP]" <mvpNoSpam@xxxxxxx>
Date: Wed, 8 Feb 2006 07:35:41 -0700

I doubt that there is a way, at least not without disabling more
than you would want disabled.
I also am left wondering why as these are intended to clue the
admin that something is amiss - either an intentional attempt to
"plug up" or compromise the correct function of the (arguably)
most critical subsystem, or an unintended client in error state.

"Cyberstorme" <Cyberstorme@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:03DDA9CF-C5DB-43F0-9EA9-C3749DE596D0@xxxxxxxxxxxxxxxx

Seeing the following event being logged on our servers, when a Security
(Vulnerability) scan is run in the environment. Is there any way to
prevent
these events from being logged/reported?

40968,WARNING,LSASRV,Sun Feb xx xx:xx:xx 2006,No User,The Security System
has received an authentication request that could not be decoded. The
request has failed.

Prev by Date: Re: Mapping drive from 2000 Advanced Server to 2003 Server
Next by Date: Re: Can't upgrade Net frameWork error?
Previous by thread: Re: Unencrypting files on old Win2k drive
Next by thread: Re: LSASRV - Event ID 40968...
Index(es):
- Date
- Thread

Relevant Pages

Re: Unwanted Pop Up Ads
... > I said that disabling a service don't make a system MORE vulnerable. ... UNLESS you have applications in need of that port. ... Although disabling the messenger service does not make the system "more ... a warning sign of the vulnerability. ...
(microsoft.public.security)
Re: Display inserted object as icon not functioning
... try disabling the Office Plugin that comes with it. ... See http://support.microsoft.com/?kbid=329820 "How to use Office programs with the Norton AntiVirus Office plug-in" for more information. ... We came across a variant of it; in our test environment we are able to insert a pdf object into word that gets displayed as an icon, but in our production environment this gives the error " This object was created in Acroexch. ... Tests with a simple txt document give a similar error message. ...
(microsoft.public.office.misc)
Re: Core services... ?
... Our focus is going to be new XP workstations that are brought into the envrionment. ... >> affecting end users in our environment. ... >> decide if it would strengthen our environment by disabling any unnecessary ... >> emphasis here is security. ...
(microsoft.public.windowsxp.security_admin)
Re: Core services... ?
... >I need some advice on the impact of security with respect to some of the>default services that roll out with Windows XP? ... It has been suggested to look at> some 40+ services that are enabled by default with Windows XP and try to> decide if it would strengthen our environment by disabling any unnecessary> ones. ...
(microsoft.public.windowsxp.security_admin)
Re: Much ado about nothing.
... Administrators can remove this vulnerability by disabling the ... Challenge-Response authentication parameter within the OpenSSH daemon ... configuration file. ... This workaround will permanently remove the vulnerability. ...
(FreeBSD-Security)