In our server event log I am getting the following event 6033 which is appearing every now and then. The ip address that is reported with it moves around the world and I cant even recognize them. This is running on a Windows Server 2003 64 bit machine and the Windows Firewall is also enabled but there is no hardware firewall enabled. The message that I get is mentioned below:
An anonymous session connected from <IP address> has attempted to open an LSA policy handle on this machine. The attempt was rejected with STATUS_ACCESS_DENIED to prevent leaking security sensitive information to the anonymous caller. The application that made this attempt needs to be fixed. Please contact the application vendor. As a temporary workaround, this security measure can be disabled by setting the \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\TurnOffAnonymousBlock DWORD value to 1.
I have already searched for this issue on google but could not find anything. Can anyone please help me out.
Bookmarks