Strange Login events

Andreas Moroder

Hello,

yesterday I activated the logging of the logins and now in the security
events I have many logins as "administrator" and as "anonymous".
I am sure that no user logged in at this time in the night.
Are these entries generated by services?

The event entries also differ in the count of description lines (only 4)
and the login type (? Anmeldetyp in German). The user logins are of
type 3 while these entries are of type 2.

Can anyone please explain to me what is happening on this machine?

Thanks
Andreas
 
Steven L Umbach

Most likely those are null sessions used by the browser service to maintain
the browse list which is what users see in My Network Places. To make sure
your computer is secure against anonymous access to your shares make sure
that the guest account is disabled and configure any shares on the computer
to use authenticated users instead of everyone or users where you want to
grant that type of access. Type 2 logons are for interactive or via TS in
Windows 2000 while type 3 is for network access. The link below explains
more on how to restrict null sessions in Windows 2000 that can sometimes
break functionality so keep that in mind if you implement "no access without
explicit anonymous permissions". As long as the guest account is disabled
and you have a firewall to protect your network from untrusted networks such
as the internet I would not worry about those anonymous logon events though
it makes sense to restrict null sessions even more as long as it does not
break anything.

Steve

http://support.microsoft.com/?kbid=246261

The following tasks are restricted when the RestrictAnonymous registry value
is set to 2 on a Windows 2000-based domain controller:

- Down-level member workstations or servers are not able to set up a
  netlogon secure channel.
- Down-level domain controllers in trusting domains are not able to
  set up a netlogon secure channel.
- Microsoft Windows NT users are not able to change their passwords
  after they expire. Also, Macintosh users are not able to change their
  passwords at all.
- The Browser service is not able to retrieve domain lists or server
  lists from backup browsers, master browsers or domain master browsers that
  are running on computers with the RestrictAnonymous registry value set to 2.
  Because of this, any program that relies on the Browser service does not
  function properly.

Because of these results, it is not recommended that you set the
RestrictAnonymous registry value to 2 in mixed-mode environments that
include down-level clients. Setting the RestrictAnonymous registry value to
2 should be considered in Windows 2000 environments only, and after
sufficient quality assurance tests have verified that appropriate service
levels and program functionality are maintained.

Note: Pre-defined "High Secure" security templates set the RestrictAnonymous
registry value to 2, and because of this, caution should be used when using
these templates. For more information about the RestrictAnonymous registry
value, click the following article number to view the article in the
Microsoft Knowledge Base:
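
A small triage of the kind of events discussed in this thread, as an added example that is not part of any post: it groups successful logons by account and logon type and separates anonymous network logons (null sessions) from logons worth a closer look. The CSV layout, account names, timestamps and the 07:00-19:00 working window are assumptions made for the example; the logon type meanings (2 interactive or TS, 3 network) are the ones given above.

```python
import csv
import io
from collections import Counter
from datetime import datetime

# Constructed sample: a simplified CSV export of successful-logon events.
# Column names and all values are assumptions, not a real export format.
SAMPLE = """time,user,logon_type
2004-03-02 02:14:07,ANONYMOUS LOGON,3
2004-03-02 02:14:09,ANONYMOUS LOGON,3
2004-03-02 02:31:40,Administrator,2
2004-03-02 09:05:12,jdoe,3
2004-03-02 03:02:55,Administrator,3
"""

# Logon type meanings as stated in the thread.
LOGON_TYPES = {2: "interactive/TS", 3: "network"}


def classify(user, logon_type, when, work_start=7, work_end=19):
    """Return 'null-session', 'review' or 'routine' for one logon event."""
    anonymous = user.strip().lower() in ("anonymous logon", "anonymous", "")
    off_hours = not (work_start <= when.hour < work_end)
    if anonymous and logon_type == 3:
        # Anonymous network logon, e.g. the Browser service keeping the browse list.
        return "null-session"
    if anonymous or off_hours:
        # Anonymous with a non-network type, or any named logon outside
        # the assumed working window, deserves a manual look.
        return "review"
    return "routine"


def triage(text):
    """Count events per (user, logon type label, verdict)."""
    counts = Counter()
    for row in csv.DictReader(io.StringIO(text)):
        when = datetime.strptime(row["time"], "%Y-%m-%d %H:%M:%S")
        ltype = int(row["logon_type"])
        label = LOGON_TYPES.get(ltype, f"type {ltype}")
        counts[(row["user"], label, classify(row["user"], ltype, when))] += 1
    return counts


if __name__ == "__main__":
    for (user, kind, verdict), n in sorted(triage(SAMPLE).items()):
        print(f"{n:3d}  {verdict:12s} {kind:15s} {user}")
```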
 
Andreas Moroder

Steven said:
Most likely those are null sessions used by the browser service to maintain
the browse list which is what users see in My Network Places. To make sure
your computer is secure against anonymous access to your shares make sure
that the guest account is disabled and configure any shares on the computer
to use authenticated users instead of everyone or users where you want to
grant that type of access. Type 2 logons are for interactive or via TS in
Windows 2000 while type 3 is for network access. The link below explains
more on how to restrict null sessions in Windows 2000 that can sometimes
break functionality so keep that in mind if you implement "no access without
explicit anonymous permissions". As long as the guest account is disabled
and you have a firewall to protect your network from untrusted networks such
as the internet I would not worry about those anonymous logon events though
it makes sense to restrict null sessions even more as long as it does not
break anything.

Steve

Hello Steve,

thank you for the fast answer.
As far as I understand, it's better that I don't touch the system until I
know Windows better.
It would be if MS could add the possibility to not log logins from local
processes.

Bye
Andreas
 
