S
ScareCrowe
I'm sure this has been covered before, but I have not found a satisfactory
solution to the issue. I constantly have the ANONYMOUS LOGON event from a
remote computer (Usually HOD) in my Event Viewer. I have installed several
patches from MS and have denied network logon in both local/domain policies.
I haven't seen any 'working' solutions anywhere on the net. Applying the
patches has considerably affected the successful logons, but it has not
eliminated them.
Has anyone had any success beyond what I have so far? Or can someone answer
some of these questions?
I can't seem to find any log info concerning the IPs of these remote
connections. Does XP store these someplace? The tedious process I have been
using is via cmd line -> 'netstat -a -n 5 > netstat.txt', then filtering
everything out.
The NTLM, is it possible to enforce some authorization that will only
validate PCs that I specifically allow, ignoring any conn request from a PC
not listed?? I only have a handful of boxes here (8) and setting something
up like this I believe will be less work overall (In retrospect).
--ScareCrowe
solution to the issue. I constantly have the ANONYMOUS LOGON event from a
remote computer (Usually HOD) in my Event Viewer. I have installed several
patches from MS and have denied network logon in both local/domain policies.
I haven't seen any 'working' solutions anywhere on the net. Applying the
patches has considerably affected the successful logons, but it has not
eliminated them.
Has anyone had any success beyond what I have so far? Or can someone answer
some of these questions?
I can't seem to find any log info concerning the IPs of these remote
connections. Does XP store these someplace? The tedious process I have been
using is via cmd line -> 'netstat -a -n 5 > netstat.txt', then filtering
everything out.
The NTLM, is it possible to enforce some authorization that will only
validate PCs that I specifically allow, ignoring any conn request from a PC
not listed?? I only have a handful of boxes here (8) and setting something
up like this I believe will be less work overall (In retrospect).
--ScareCrowe