Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How to deal with security?

Status
Not open for further replies.
Ovatvvon

Ovatvvon

Programmer
Feb 1, 2001
1,514
US
I received the following in my event log security section:


Event Type: Failure Audit
Event Source: Security
Event Category: Account Logon
Event ID: 681
Date: 8/5/2002
Time: 4:47:16 PM
User: NT AUTHORITY\SYSTEM
Computer: WTWDB1
Description:
The logon to account: JOE CONLON
by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
from workstation: \\JOYCE
failed. The error code was: 3221225572



How can I find out more information about the person that tried to get onto my system such as the IP address of their machine, or anything else?
-Ovatvvon :-Q
 
Sort by date Sort by votes
since you already know the pc name (\\joyce) use PING to know the IP assigned to Joyce

c:\>ping joyce

hope this helps
 
Upvote 0 Downvote
That won't work. My network consists of one computer at home which I'm running the server on to educate myself. There is no computer named Joyce. That's my problem...it's somebody from outside trying to log onto my network.

Any ideas of what I can do or how I can go about finding out any additional information about this? -Ovatvvon :-Q
 
Upvote 0 Downvote
Try a personal firewall such as BlackIce ... or a Watchguard SOHO ....

Bry
 
Upvote 0 Downvote
jmerencilla,
I think that link will be helpfull. I'll look at it when I get home from work at let you know. (Yes, wtwdb1 is the server name here)

bikerbry, this is a server running web sites along with my personal use. I want to use it not only to learn how to use it professionally, but also I want to use it professionally now. From my understanding, BlackIce will slow things down a bit, but moreso, it will interfere with internet traffic. I don't want to do that, I just want to have reliable security procedures here incase unauthorized people try to get onto this network.

-Ovatvvon :-Q
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ravalos
  • Locked
  • Question
Problem with PDFs in IIS
Replies
1
Views
475
gbaughma
gbaughma
DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
0
Views
204
DTGMI
DTGMI
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
276
DrB0b
DrB0b
microsGuy16
  • Locked
  • Question
Can not copy files to Mapped drive
Replies
0
Views
234
microsGuy16
microsGuy16
DrB0b
  • Locked
  • Question
Hybrid on prem AD with Azure AD
Replies
2
Views
137
DrB0b
DrB0b

Part and Inventory Search

Sponsor

Back
Top