We have installed Windows server 2003 in our office which is used by some users to run some particular software and all. There is also a MSSQL database running on another Windows server 2003. At every 10 minutes or so we can see the below NT AUTHORITY\ANONYMOUS LOGON event in the event log of the SQL server.
Event Type: Success Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 538
Date: 15/6/2005
Time: 8:42:00 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: AMEDMAHCMEPS03
Description:
User Logoff:
User Name: ANONYMOUS LOGON
Domain: NT AUTHORITY
Logon ID: (0x0,0x759A8F2)
Logon Type: 3
And another one:
Event Type: Success Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 540
Date: 15/6/2005
Time: 8:42:00 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: AMEDMAHCMEPS03
Description:
Successful Network Logon:
User Name:
Domain:
Logon ID: (0x0,0x759A8F2)
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: AMEDTSMAHC001
Logon GUID: -
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: 143.83.63.197
Source Port: 0
Can anyone tell us how to solve this problem?
Bookmarks