Am I seeing an attempted security breach?
From: Daren Addison (DarenAddison_at_discussions.microsoft.com)
Date: 01/17/05
- Next message: Tobias R: "Re: automatic eMail copy to CEO"
- Previous message: GrahamS: "Re: Branch Office"
- Next in thread: Massimo Piceni: "RE: Am I seeing an attempted security breach?"
- Reply: Massimo Piceni: "RE: Am I seeing an attempted security breach?"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 17 Jan 2005 01:37:03 -0800
I have posted below the event that concerns me.
I have this message logged daily over the past week (as far back as I have
checked so far). The strange thing is that the time stamp is identical
everyday,
at 13:33.
Logon Failure:
Reason: Unknown user name or bad password
User Name: <myname>
Domain: <domain name>
Logon Type: 4
Logon Process: Advapi
Authentication Package: Negotiate
Workstation Name: <sbs server>
Caller User Name: <server name$>
Caller Domain: <domain name>
Caller Logon ID: (0x0,0x3E7)
Caller Process ID: 1292
Transited Services: -
Source Network Address: -
Source Port: -
Any advice would be welcomed.
Running SBS2003 std. Using Intelligent Gateway 1800 office portal, which has
built in firewall. Using NAT config.
Server has 2NICs.
- Next message: Tobias R: "Re: automatic eMail copy to CEO"
- Previous message: GrahamS: "Re: Branch Office"
- Next in thread: Massimo Piceni: "RE: Am I seeing an attempted security breach?"
- Reply: Massimo Piceni: "RE: Am I seeing an attempted security breach?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
