Web Hosting Talk

been getting this error lately


frontserve
09-04-2002, 09:40 PM
We have seen a tremendous increase in this error in the Event Viewer for one of our Windows 2000 servers.

Below is the exact error; is this a hacker trying to log in? If yes, how do we find it?


Event Type: Warning
Event Source: W3SVC
Event Category: None
Event ID: 100
Date: 8/22/2002
Time: 3:34:24 PM
User: N/A
Computer: SERVERXXXX (we changed this)
Description:
The server was unable to logon the Windows NT account 'michael.h.lam' due to the following error: Logon failure: unknown user name or bad password. The data is the error code.
For additional information specific to this message please visit the Microsoft Online Support site located at: http://www.microsoft.com/contentredirect.asp.
Data:
0000: 2e 05 00 00 ....


What should we do or look for to find the person doing this? We would like to find the person and block them out of our servers.

Any help is appreciated; thanks.

MikeM
09-04-2002, 10:45 PM
http://online.securityfocus.com/archive/82/274514/2002-05-28/2002-06-03/0

http://support.microsoft.com/support/kb/articles/Q236/0/07.ASP

Sounds like someone is trying an exploit... check your logs for connections at the same time the event is giving the error.

http://www.kb.cert.org/vuls/id/201704

To fix, you can try:
http://www.cert.org/security-improvement/practices/p059.html
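
The log check suggested above, as an added example that is not part of the thread: it finds the client IPs that received HTTP 401 responses in the IIS W3C extended log around the time of the W3SVC event, and decodes the event's Data bytes. The log lines, the IP addresses and the UTC offset of -4 are constructed, and it assumes the date, c-ip and sc-status fields are enabled in the site's extended logging properties; W3C extended logs record times in UTC while Event Viewer shows local time.

```python
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample in IIS W3C extended format (times are UTC).
# The IPs are documentation addresses, not values from the thread.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 5.0
#Fields: date time c-ip cs-username cs-method cs-uri-stem sc-status
2002-08-22 19:31:02 192.0.2.10 - GET /default.htm 200
2002-08-22 19:34:22 203.0.113.7 michael.h.lam GET /private/ 401
2002-08-22 19:34:24 203.0.113.7 michael.h.lam GET /private/ 401
2002-08-22 19:34:25 203.0.113.7 - GET /private/ 401
2002-08-22 19:40:00 198.51.100.4 - GET /index.htm 200
"""

def parse_w3c(text):
    """Yield one dict per request, keyed by the latest #Fields directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            row = dict(zip(fields, line.split()))
            stamp = row["date"] + " " + row["time"]
            row["ts"] = datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S")
            yield row

def auth_failures_near(text, event_local, utc_offset_hours, window_s=60):
    """Count 401 responses per client IP within window_s of the event."""
    # Event Viewer time is local; convert it to UTC to match the log.
    event_utc = event_local - timedelta(hours=utc_offset_hours)
    window = timedelta(seconds=window_s)
    hits = Counter()
    for row in parse_w3c(text):
        if row.get("sc-status") == "401" and abs(row["ts"] - event_utc) <= window:
            hits[row["c-ip"]] += 1
    return hits

def logon_error_code(data_bytes):
    """The event's Data field is a little-endian DWORD Win32 error code."""
    return int.from_bytes(data_bytes, "little")

if __name__ == "__main__":
    event = datetime(2002, 8, 22, 15, 34, 24)  # local time from the event
    for ip, count in auth_failures_near(SAMPLE_LOG, event, -4).most_common():
        print(ip, count)
    # 2e 05 00 00 from the event decodes to 1326 (ERROR_LOGON_FAILURE)
    print(logon_error_code(bytes.fromhex("2e050000")))
```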

TheRealDeal
11-23-2002, 04:28 AM
We had that problem before; just deploy the lockdown tool by Microsoft.