Gary_Player Posted July 28, 2003 Share Posted July 28, 2003 When I tried loggin in a few mornings ago it said that I couldnt because the security log (or one of those) was too large. So I had to log in wiht the admin account and get rid of some of the older entries. I noticed in the midst of this that there was about 200 anonymous logon attempts between the hours of 2am and 5am. The computer was off at that point. I use remote desktop to the other computer on the network to access the internet. Any idea WTF happened? I checked the logs on the other computer and nada...there wasnt a thing. Both are running winXP Pro and theyre networked with a fairly new linksys switch... Link to comment Share on other sites More sharing options...
Sierra Posted July 28, 2003 Share Posted July 28, 2003 You can set the size of the log in the secpol.msc ... Link to comment Share on other sites More sharing options...
Steven Posted July 28, 2003 Share Posted July 28, 2003 When I tried loggin in a few mornings ago it said that I couldnt because the security log (or one of those) was too large. So I had to log in wiht the admin account and get rid of some of the older entries. I noticed in the midst of this that there was about 200 anonymous logon attempts between the hours of 2am and 5am.The computer was off at that point. I use remote desktop to the other computer on the network to access the internet. Any idea WTF happened? I checked the logs on the other computer and nada...there wasnt a thing. Both are running winXP Pro and theyre networked with a fairly new linksys switch... You should set the account lockout policy. Link to comment Share on other sites More sharing options...
Gary_Player Posted July 29, 2003 Author Share Posted July 29, 2003 Yea, I have it set so that after 3 failed logon attempts the system locks that account out till the admin resets it or 90min passes Link to comment Share on other sites More sharing options...
+BudMan MVC Posted July 29, 2003 MVC Share Posted July 29, 2003 I noticed in the midst of this that there was about 200 anonymous logon attempts between the hours of 2am and 5am.The computer was off at that point. I would have to say NO - if your machine was OFF you could not have anything in the logs. You do know just turning off the monitor does not turn your machine off :) Is the time off on the machine, ie just because the logs say it was 2am, does not mean that was the correct time Do you have the NIC set for wake on lan or something? What was the attempted access to? A ftp server? A webserver? If ftp is up and running - you will see quite a few anon attempts. Just the script kiddies looking for a place to store their warez :) Link to comment Share on other sites More sharing options...
Coolme Posted July 29, 2003 Share Posted July 29, 2003 Do you have the NIC set for wake on lan or something? Yeah, well if they had the wake_on_lan on how did the computer shutdown? Shut_On_lan? :wacko: Link to comment Share on other sites More sharing options...
+BudMan MVC Posted July 30, 2003 MVC Share Posted July 30, 2003 Yeah, well if they had the wake_on_lan on how did the computer shutdown? Shut_On_lan? :wacko: :huh: Do you even have a clue to what wake on lan is?? I would guess not from you post. A specific type of packet has to be sent to the MAC address of the NIC on the machine you want to wake up. It just doesn't turn on if there is traffic on the network. Link to comment Share on other sites More sharing options...
Recommended Posts