WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

RE: successful anonymous login

From: "V. Poddubnyy" <vpoddubniy () mail ru>
Date: Wed, 28 Jul 2004 01:01:45 +0400
Hello,

Did you prohibit ANONYMOUS LOGON to log on locally and from the network in
Group Policy (and Local Security Policy)?

--
Best regards,
 Vladimir



-----Original Message-----
From: Jose Rivera [mailto:jose () papugai com] 
Sent: Tuesday, July 27, 2004 9:59 PM
To: webappsec () securityfocus com
Subject: successful anonymous login

We recently migrated our web server into windows 2003.

Not sure where this is coming from...but successful login 
from an anonymous user doesn't sound good?

Please help or point in the right direction.

Thanks
Jose


Event Type:   Success Audit
Event Source: Security
Event Category:       Logon/Logoff 
Event ID:     540
Date:         7/27/2004
Time:         10:44:20 AM
User:         NT AUTHORITY\ANONYMOUS LOGON
Computer:     xxxxxx
Description:
Successful Network Logon:
      User Name:      
      Domain:         
      Logon ID:               (0x0,0x9BA1BD3)
      Logon Type:     3
      Logon Process:  NtLmSsp 
      Authentication Package: NTLM
      Workstation Name:       HOD
      Logon GUID:     -
      Caller User Name:       -
      Caller Domain:  -
      Caller Logon ID:        -
      Caller Process ID: -
      Transited Services: -
      Source Network Address: 81.60.187.145
      Source Port:    0


For more information, see Help and Support Center at 
http://go.microsoft.com/fwlink/events.asp.
Previous By Date Next
Previous By Thread Next

Current thread: