Anonymous Logon
Last response: in Windows 2000/NT
Archived from groups: microsoft.public.win2000.security (More info?)
I am having several Anonymous Logon entries in my security log in Windows 2K
Server. Please answer the following questions if possible.
1. How can I track down to see exactly what the Anonymous logon client is
accessing?
2. How can I determine where or how the Anonymous logon client is accessing
from?
3. Does the system have to have Anonymous Logon, and if not can I disable
it?
Thanks for your help.
I am having several Anonymous Logon entries in my security log in Windows 2K
Server. Please answer the following questions if possible.
1. How can I track down to see exactly what the Anonymous logon client is
accessing?
2. How can I determine where or how the Anonymous logon client is accessing
from?
3. Does the system have to have Anonymous Logon, and if not can I disable
it?
Thanks for your help.
More about : anonymous logon
Archived from groups: microsoft.public.win2000.security (More info?)
On Wed, 23 Mar 2005 10:47:56 -0600, "Preacher Man"
<SLawson@-no-spam-bouldincorp.com> wrote:
>I am having several Anonymous Logon entries in my security log in Windows 2K
>Server. Please answer the following questions if possible.
>
>1. How can I track down to see exactly what the Anonymous logon client is
>accessing?
>
>2. How can I determine where or how the Anonymous logon client is accessing
>from?
>
>3. Does the system have to have Anonymous Logon, and if not can I disable
>it?
Most likely it's IIS. If you don't use IIS remove it. If you don't
want anonymous web access, remove anonymous access from the web site
in IIS.
Jeff
On Wed, 23 Mar 2005 10:47:56 -0600, "Preacher Man"
<SLawson@-no-spam-bouldincorp.com> wrote:
>I am having several Anonymous Logon entries in my security log in Windows 2K
>Server. Please answer the following questions if possible.
>
>1. How can I track down to see exactly what the Anonymous logon client is
>accessing?
>
>2. How can I determine where or how the Anonymous logon client is accessing
>from?
>
>3. Does the system have to have Anonymous Logon, and if not can I disable
>it?
Most likely it's IIS. If you don't use IIS remove it. If you don't
want anonymous web access, remove anonymous access from the web site
in IIS.
Jeff
Archived from groups: microsoft.public.win2000.security (More info?)
Anonymous logons [null sessions] are common with Windows networking and
mostly used by browse list maintenance for My Network Places. If you disable
netbios over tcp/ip or file and print sharing on a computer the anonymous
logons can be greatly reduced or eliminated. They are not a problem if you
have a firewall protecting your network, enforce the use of complex
passwords for your network, and monitor for unusual activity for failed
logon attempts.. --- Steve
http://support.microsoft.com/?kbid=246261 --- explanation of null sessions
and how to restrict them IF compatible with your network configuration.
"Preacher Man" <SLawson@-no-spam-bouldincorp.com> wrote in message
news:eR5J2h8LFHA.1472@TK2MSFTNGP14.phx.gbl...
>I am having several Anonymous Logon entries in my security log in Windows
>2K Server. Please answer the following questions if possible.
>
> 1. How can I track down to see exactly what the Anonymous logon client is
> accessing?
>
> 2. How can I determine where or how the Anonymous logon client is
> accessing from?
>
> 3. Does the system have to have Anonymous Logon, and if not can I disable
> it?
>
> Thanks for your help.
>
>
Anonymous logons [null sessions] are common with Windows networking and
mostly used by browse list maintenance for My Network Places. If you disable
netbios over tcp/ip or file and print sharing on a computer the anonymous
logons can be greatly reduced or eliminated. They are not a problem if you
have a firewall protecting your network, enforce the use of complex
passwords for your network, and monitor for unusual activity for failed
logon attempts.. --- Steve
http://support.microsoft.com/?kbid=246261 --- explanation of null sessions
and how to restrict them IF compatible with your network configuration.
"Preacher Man" <SLawson@-no-spam-bouldincorp.com> wrote in message
news:eR5J2h8LFHA.1472@TK2MSFTNGP14.phx.gbl...
>I am having several Anonymous Logon entries in my security log in Windows
>2K Server. Please answer the following questions if possible.
>
> 1. How can I track down to see exactly what the Anonymous logon client is
> accessing?
>
> 2. How can I determine where or how the Anonymous logon client is
> accessing from?
>
> 3. Does the system have to have Anonymous Logon, and if not can I disable
> it?
>
> Thanks for your help.
>
>
Related ressources:
- ForumPreventing anonymous logon
- ForumWhat is Anonymous Logon
- ForumAnonymous logon in the event que list
- ForumANONYMOUS LOGON
- ForumWhy Anonymous Logon
- ForumAnonymous Logon for File Sharing without using Simple Shar..
- ForumEvent ID 538 Logon Type 3 NT AUTHORITY/ ANONYMOUS LOGON
- ForumAnonymous Logon
- Forumdisable anonymous logon
- ForumAnonymous Logons
- ForumAnonymous Logons
- ForumANONYMOUS LOGON 's in Secuirty Log's
- Forumbrowse Ldap as Anonymous !!!
- ForumLog anonymous share access
- ForumParallel and com ports not appearing in device manager
- ForumEvent ID 538 & 540 whenuser did not logon
- ForumHow to make LOGON/LOGOFF events appear on the DC?
- ForumAccount logon failure 673
- ForumHow to detect user logon rights on win2k/xp?
- Forumwin2000 has spyware, can I logon with console repair and d..
- More resources
!
