B
buc
Guest
I have set up WEB server (Windows 2003 SP2 with IIS) to host a site. While
looking through the security events audit. I noticed a large number of
FAILURE AUDITS with the MICROSOFT_AUTHENTICATION_PACKAGE_V1 and KRBTGT\
service. These audits have various logon user names like PETER, APPLE, ROOT,
LISA, MASTER, DOG and other random names. It has the sourceworkstation = the
computer name of my server, and it has an error code of 0xC0000064. I am
concerned. This happens for about a minute and stops during certain days.
What is this? Is it an inside or outside hijack. What can this do? Can it
control the computer.
Thanks
BUC
looking through the security events audit. I noticed a large number of
FAILURE AUDITS with the MICROSOFT_AUTHENTICATION_PACKAGE_V1 and KRBTGT\
service. These audits have various logon user names like PETER, APPLE, ROOT,
LISA, MASTER, DOG and other random names. It has the sourceworkstation = the
computer name of my server, and it has an error code of 0xC0000064. I am
concerned. This happens for about a minute and stops during certain days.
What is this? Is it an inside or outside hijack. What can this do? Can it
control the computer.
Thanks
BUC