General discussion

Locked

User account with admin rights

By mevans8182 ·
Hello:

I have a user account with admin rights assigned to it. In the wee hours of the night, someone tried to logon with this account and locked it. When I went to unlock the account, I looked at the "Last Intruder Address" -- which listed nothing. Usually it lists a segment number and a MAC address but this time nothing. I went back in the log about a week and it listed this: 81782022:000000000001
How can I find out who this is? Is there additional logging I can turn on the track down the individual? Thank you!

This conversation is currently closed to new comments.

5 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

User account with admin rights

by isys In reply to User account with admin r ...

The MAC address of your intruder should be:

00 00 81 78 20 22

The 000000000001 is your IPX network number.

Collapse -

User account with admin rights

by mevans8182 In reply to User account with admin r ...

I assume this is the MAC address. 00000000000001 is actually not the IPX network number....The question is how do I find out who this is?

Collapse -

User account with admin rights

by isys In reply to User account with admin r ...

For a Netware environment, open a DOS box on your workstation and type the command:

nlist user /a

(space between words and before /)

This will give you a list of user names and MAC addresses of active connections.

Collapse -

User account with admin rights

by mevans8182 In reply to User account with admin r ...

Poster rated this answer

Collapse -

User account with admin rights

by mevans8182 In reply to User account with admin r ...

This question was closed by the author

Back to Security Forum
5 total posts (Page 1 of 1)  

Related Discussions

Related Forums