Anonymous Logon

Archived from groups: microsoft.public.win2000.security (More info?)

I am having several Anonymous Logon entries in my security log in Windows 2K
Server. Please answer the following questions if possible.

1. How can I track down to see exactly what the Anonymous logon client is
accessing?

2. How can I determine where or how the Anonymous logon client is accessing
from?

3. Does the system have to have Anonymous Logon, and if not can I disable
it?

Thanks for your help.
2 answers Last reply
More about anonymous logon
  1. Archived from groups: microsoft.public.win2000.security (More info?)

    On Wed, 23 Mar 2005 10:47:56 -0600, "Preacher Man"
    <SLawson@-no-spam-bouldincorp.com> wrote:

    >I am having several Anonymous Logon entries in my security log in Windows 2K
    >Server. Please answer the following questions if possible.
    >
    >1. How can I track down to see exactly what the Anonymous logon client is
    >accessing?
    >
    >2. How can I determine where or how the Anonymous logon client is accessing
    >from?
    >
    >3. Does the system have to have Anonymous Logon, and if not can I disable
    >it?

    Most likely it's IIS. If you don't use IIS remove it. If you don't
    want anonymous web access, remove anonymous access from the web site
    in IIS.

    Jeff
  2. Archived from groups: microsoft.public.win2000.security (More info?)

    Anonymous logons [null sessions] are common with Windows networking and
    mostly used by browse list maintenance for My Network Places. If you disable
    netbios over tcp/ip or file and print sharing on a computer the anonymous
    logons can be greatly reduced or eliminated. They are not a problem if you
    have a firewall protecting your network, enforce the use of complex
    passwords for your network, and monitor for unusual activity for failed
    logon attempts.. --- Steve

    http://support.microsoft.com/?kbid=246261 --- explanation of null sessions
    and how to restrict them IF compatible with your network configuration.

    "Preacher Man" <SLawson@-no-spam-bouldincorp.com> wrote in message
    news:eR5J2h8LFHA.1472@TK2MSFTNGP14.phx.gbl...
    >I am having several Anonymous Logon entries in my security log in Windows
    >2K Server. Please answer the following questions if possible.
    >
    > 1. How can I track down to see exactly what the Anonymous logon client is
    > accessing?
    >
    > 2. How can I determine where or how the Anonymous logon client is
    > accessing from?
    >
    > 3. Does the system have to have Anonymous Logon, and if not can I disable
    > it?
    >
    > Thanks for your help.
    >
    >
Ask a new question

Read More

Security Microsoft Windows