Re: security log + unauthorized lgons?
- From: "Lanwench [MVP - Exchange]" <lanwench@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 17 Oct 2006 10:23:16 -0400
In news:ED3ECA80-16FD-49BA-92FC-AE29364DB157@xxxxxxxxxxxxx,
Dan Shallbetter <DanShallbetter@xxxxxxxxxxxxxxxxxxxxxxxxx> typed:
Hello,
Login to my SBS 2003 SP1 premium server remotely and had an
application open on the desktop that I do not recall opening.
Who else besides you has the (or any) admin access/passwords?
Are you using ISA?
Who has physical access to the server?
The
security log shows users Anonymous logon, and administrator logging
in at various times very early in the AM. Not certain if the admin
account login is due to normal maintenance? Is the Anonymous logon
another default account like guest?
Thanks,
Dan
Anonymous is a built-in thing and could show up for a bajillion reasons.
There are different types of logins, tho - interactive ones show up
differently from network access, etc. I get very confused with it all,
frankly, and it makes my head ache. You could check out www.eventid.net for
help - it's a very useful resource.
Change the admin credentials for any account that has any sort of admin
access. Nobody should really be using Administrator for anything; it should
have a very good password on it indeed. And you should set up your own
account with the group membership you need, and use that for admin. And log
in using a different (limited user) account for daily use.
.
- Follow-Ups:
- Re: security log + unauthorized lgons?
- From: Maxibo
- Re: security log + unauthorized lgons?
- Prev by Date: Re: change type of licence in windows 2003 small business server
- Next by Date: Re: change windows server 2003 small business type of licence
- Previous by thread: Re: silly questions about CALs
- Next by thread: Re: security log + unauthorized lgons?
- Index(es):
Relevant Pages
|
