Buenos Días,
Un administrador de una LAN a la cual está ligada mi empresa me está
entregando los siguientes reportes sobre supuestos "ataques" a la red por
parte de unos equipos que conforman mi área, la descripción se las adjunto
al final del correo. Alguien puede corroborarme esto? Agradezco de antemano
su información:
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 529
Date: 30/10/2007
Time: 09:33:56 a.m.
User: NT AUTHORITY\SYSTEM
Computer: ESALAZAR
Description:
Logon Failure:
Reason: Unknown user name or bad password
User Name: pmillan
Domain: HPPATMIL
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: HPPATMIL
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: 10.6.5.17
Source Port: 0
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Logon Failure:
Reason: Unknown user name or bad password
User Name: svides
Domain: HP69321282140
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: HP69321282140
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: 10.6.5.101
Source Port: 0
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Logon Failure:
Reason: Unknown user name or bad password
User Name: iuribe
Domain: AMK28
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: AMK28
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: 10.6.5.210
Source Port: 0
Cordialmente, Julio Ruiz
Últimos mensajes - Powered by IBM
Palabras claves
Hacer una pregunta
Siga el debate
Tengo una respuesta
Miércoles 24 de abril - 21:29
Registrar
Leer las respuestas