Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Event 529/681 - Security attempt

Status
Not open for further replies.
littlelegs

littlelegs

MIS
Jul 21, 2004
11
CA
Can anyone confirm that the workstation entry in events 529 and 681 is where the attempt was made? I was examining a server with RDP and there are a number of failed audit attempts on the security log - there isn't a corresponding Successful event so I don't believe the system has been compromised but I wanted to verify that the system that is under 'attack' is the one identified in the event.
 
Status
Not open for further replies.

Similar threads

andyferris
  • Locked
  • Question
DC Event logs auditing cannot be set by GPO
Replies
1
Views
108
RRankin355
RRankin355
blpcrs
  • Locked
  • Question
Disk Space warning in real time in Event Viewer?
Replies
0
Views
152
blpcrs
blpcrs
amanua
  • Locked
  • Question
Event ID 4776 Security Log
Replies
0
Views
90
amanua
amanua
littleruss21
  • Locked
  • Question
Alert\Event Log when a computer joins the domain
Replies
2
Views
154
littleruss21
littleruss21
Bigbadjoe
  • Locked
  • Question
Issue with Security sharing folder on Server 2012.
Replies
0
Views
51
Bigbadjoe
Bigbadjoe

Part and Inventory Search

Sponsor

Back
Top