General discussion


Anoymous login in windows 2000

By trackme ·
Hi ,
I have win2k pro with SP2 ,I have only 4 users created which includes the guest and administrator ,and one with user level access and one with administrative previlege user ..So totally i have only 4 users in this ...
Recently when i saw security log i saw that some user anonymoys logon user logged in ..
below is the descritpion
Event Type: Success Audit
Event Source: Security
Event Category: Privilege Use
Event I 576
Date: 5/28/2003
Time: 11:50:33 AM
Computer: SMC2176
Special privileges assigned to new logon:
User Name:
Logon I (0x0,0x71FF)
Assigned: SeChangeNotifyPrivilege
I have no idea who is this is User ,is it normal ,is it a securitybreach ..
Please help me
Anantha krishnan

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Anoymous login in windows 2000

by d.walker5 In reply to Anoymous login in windows ...

One of the more common reasons you'll see anonymous logon events is someone attempting to access one of the anonymously-allowed registry paths defined in:
►HKLM\System\CurrentControlSet\Control\SecurePipeServers\w inreg\AllowedPaths in the "Machine" value. These include:

>System\CurrentControlSet\Control\Server Applications
>Software\Microsoft\OLAP Server
>Software\Microsoft\Windows NT\CurrentVersion
>System\CurrentControlSet\Control\Terminal Server
>System\CurrentControlSet\Control\Terminal Server\UserConfig
>System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration

I suggest you logon as Administrator. Start | Run |MMC |Add | Group Policy |Windows Settings |Security |Local |Security option. Top entry, right hand pane, Add'l Restrictions for Anonymous Users, Left click SECURITY. In drop down box select: "o Access without explicit Anonymous Permission."

Also, install a Firewall, e.g. Zone Alarm.

Related Discussions

Related Forums