|
| ||||||||||
| Tags: event log, nt authority, windows server 2003 |
Sponsored Links
NT AUTHORITY\ANONYMOUS LOGON in event log EVERY 12 minutes
Windows Security
 |
| | Thread Tools | Search this Thread |
|
| ||||||||||
| Tags: event log, nt authority, windows server 2003 |
|
| | Thread Tools | Search this Thread |
|
#1
06-10-2005
| ||||
| ||||
| NT AUTHORITY\ANONYMOUS LOGON in event log EVERY 12 minutes
Event Type: Success Audit Event Source: Security Event Category: Logon/Logoff Event ID: 538 Date: 15/6/2005 Time: 8:42:00 AM User: NT AUTHORITY\ANONYMOUS LOGON Computer: AMEDMAHCMEPS03 Description: User Logoff: User Name: ANONYMOUS LOGON Domain: NT AUTHORITY Logon ID: (0x0,0x759A8F2) Logon Type: 3 And another one: Event Type: Success Audit Event Source: Security Event Category: Logon/Logoff Event ID: 540 Date: 15/6/2005 Time: 8:42:00 AM User: NT AUTHORITY\ANONYMOUS LOGON Computer: AMEDMAHCMEPS03 Description: Successful Network Logon: User Name: Domain: Logon ID: (0x0,0x759A8F2) Logon Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM Workstation Name: AMEDTSMAHC001 Logon GUID: - Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: 143.83.63.197 Source Port: 0 Can anyone tell us how to solve this problem?  |
|
#2
07-10-2005
| |||
| |||
|
I think that you will need to disable the policy setting by using Group Policy Object Editor and see if that works. Verify that the policy setting was enabled by using Group Policy, and then disable the policy setting by using Group Policy Object Editor. To do this you can go to the microsoft kb article for a detailed explanation, link is here - http://support.microsoft.com/kb/921468 |
|
#3
07-10-2005
| ||||
| ||||
| Re: NT AUTHORITY\ANONYMOUS LOGON in event log EVERY 12 minutes
Incase if you think that is the origin then you can also try to tweak the reg key controlling even if the machine is allowed to be a master or backup master browser so in the end it wont be able to participate. |
|
#4
07-10-2005
| ||||
| ||||
| Re: NT AUTHORITY\ANONYMOUS LOGON in event log EVERY 12 minutes
I think that turning off the computer browser service will also do the same thing. I was using some registry mods before when I was using the Windows 2000. I also dont know for sure whether there will be any further consequences by disabling the pc browser service but I have seen that as of now that service names can be sometimes misleading with the major candidate that could be tcp/ip netbios helper service that would lead on to believe that you can disable it incase if you are not using the netbios over tcp/ip. Though it is related to be a core service and can speed up things positively if it is disabled. |
|
|
| Thread Tools | Search this Thread |
| |
Similar Threads for: "NT AUTHORITY\ANONYMOUS LOGON in event log EVERY 12 minutes" | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Multiple copies of LocalService.NT AUTHORITY and NetworkService.NT AUTHORITY in My documents | Bearing | Operating Systems | 4 | 07-04-2011 10:16 AM |
| How to Fix: Anonymous Session Connected; Attempted to Open an LSA Policy Handle. Event 6033 | Jasonholt | Windows Security | 3 | 10-01-2011 06:24 AM |
| Anonymous Logon attempts from unknown ip's | Dev-Datta | Windows Software | 4 | 13-08-2010 01:28 AM |
| What is 'NT AUTHORITY\ANONYMOUS LOGON' every 15 secs | kyosang | Windows Security | 2 | 16-04-2009 05:40 AM |
| Event ID: 10016 // DCOM //NT AUTHORITY\NETWORK SERVICE | sevaanan | Small Business Server | 1 | 14-05-2008 12:49 AM |
