Failure audit events not being logged
From: Renato Martins (renatoalmeidamartins_at_nospam.ibest.com.br)
Date: 06/30/04
- Next message: Jeff Cochran: "Re: What are the legal ramifications for hacking a messageboard server"
- Previous message: Hernán Castelo: "Re: help:site hacked"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 30 Jun 2004 15:46:42 -0300
Hi all,
does someone have an idea of what might be happening? I have a Windows
Server 2003, for testing purposes. It's the only domain controller
(actually, the only PC on my network). I've adjusted the "Default domain
policy", so that the Success and Failuer of Account Logon and Logon Events,
are audited (by going to "Computer configuration", "Security Settings",
"Local Policies", "Audit policy").
After having set this up, I try to logon with a valid user, entering the
wrong password several times (for example, until account lockout). After
that, logging as administrator, and analyzing the security log, in event
viewer, I see no "Failure Audit" events. Only the "Success Audit" events...
Is there a bug related to the logging of failed logon attempts??? Any clues
on this?
Thanks in advance.
Renato
- Next message: Jeff Cochran: "Re: What are the legal ramifications for hacking a messageboard server"
- Previous message: Hernán Castelo: "Re: help:site hacked"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
