System generate huge security log - event id 560

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - How to setup secure developement environment with Internet access? We have dev, test, QA, and prod environment for our n tier web based application developement. Now our network and security told me that developement environment should not have internet access due to security. But as developer, we must have internet access to go to MSDN or the other site while we are coding. Do you have any experience on this situation? Could you tell me if the developement environment really should not have internet access? Or how should have very good security with my dev and it also have internet access? thanks in advanced, Dana Tag: System generate huge security log - event id 560 Tag: 67422
  - 2
    - Outlook, Exchange and Port 1237 We are using Exchange 2000 with Outlook 2000 on the client and seem to have excessive use of port 1237 on the Exchange server. What is this port used for and what should be normal use? A search of the MS KB has produce 0 hits and that is why I'm posting here. Any clues? David Fosdike dfosdike at nospam(leave this out and change 'dots' and 'at') dot elders dot com dot au Tag: System generate huge security log - event id 560 Tag: 67419
  - 3
    - CWShredder [v2.13] http://aumha.net/viewtopic.php?t=11518 Silj -- siljaline MS - MVP Windows (IE/OE) & Security (AH-VSOP) __________________________________________ Security Tools Updates http://aumha.net/viewforum.php?f=31 (Reply to group, as return address is invalid - that we may all benefit) Tag: System generate huge security log - event id 560 Tag: 67417
  - 4
    - Spyware Blaster Update 07/02/05 http://aumha.net/viewtopic.php?t=11517 Silj -- siljaline MS - MVP Windows (IE/OE) & Security (AH-VSOP) __________________________________________ Security Tools Updates http://aumha.net/viewforum.php?f=31 (Reply to group, as return address is invalid - that we may all benefit) Tag: System generate huge security log - event id 560 Tag: 67416
  - 5
    - [Fwd: Disable Explorer-like FTP on Windows 2000 PRO] sorry. I forgot to post to this ng... microsoft.public.security -------- Original Message -------- Subject: Disable Explorer-like FTP on Windows 2000 PRO Date: Mon, 07 Feb 2005 21:48:03 +0100 From: Javier Jarava <jjarava@secuware.com> Newsgroups: microsoft.public.windows.server.security,microsoft.public.win2000.group_policy,microsoft.public.win2000.security Hi !! As part of a broader project, I need to research how to disable the explorer-like ftp integration on Windows 2000 PRO. What I want to do is that when a users "saves to" an FTP// URI.. nothing happens (either from Windows Explorer, or from Office 2000). Nor do I want the user to be able to "browse" FTP folders... I have looked into Group Policy settings, but I haven't seen anything that looks like what I'm looking for. Of course, it's not the first time I overlook the obvious!!... I hope that somebody out there has the answer :) Any and all help/tips would be more than appreciated Javier J Tag: System generate huge security log - event id 560 Tag: 67411
  - 6
    - Microsoft vpn adapter connecting to Checkpoint NG firewall I know checkpoint has it's own vpn client for remote vpn connections...but I was wondering if the microsoft vpn adapter can also be used to establish remote vpn connections with a Checkpoint NG firewall? Thanks in advance, JP Tag: System generate huge security log - event id 560 Tag: 67410
  - 7
    - Problems with "Windows Security Center" I just performed a fresh install of Windows XP w/sp2. I ran the computer for about a week using Zone alarm and AVG antivirus. I installed windows anti-spyware beta and now the windows security keeps turning off its firewall. It also wont recognize AVG or Zonealarm. Any one else have this problem. Know how to fix it. TIA. al... Tag: System generate huge security log - event id 560 Tag: 67401
  - 8
    - Security for a Usb Hardrive Hello, Our Management wants to carry a daily back up of our data base home everyday. They want to do it with rotating (4) usb 160 gig hardrives. No sweat, But I need to find a way to secure the drive in case it is lost or stolen. What would be a logical way to lock the data on the USB HD? I have tried permissions on the folders, but this did not appear to keep ANY one from seeing tne data! TIA HAnk B Tag: System generate huge security log - event id 560 Tag: 67396
  - 9
    - Planning PKI and smart card solution - implementer's questionnaire Group, I have put togrther a number of questions that I need answers for when planning implementation of PKI and smart card infrastructure. The questions could also be useful when visiting a reference site. Here's the first iteration: http://sl.mvps.org/docs/pkiplanner.htm Any comments and feedback would be apreciated. Cheers -- Svyatoslav Pidgorny, MVP, MCSE -= F1 is the key =- Tag: System generate huge security log - event id 560 Tag: 67387
  - 10
    - Second Submission - AntiSpyware Finds Windows Update ActiveX as "Unidentified" Microsoft Anti-Spyware quickly announces the following as an unidentified ActiveX which Internet Explorer is trying to install at logon - and I as quickly blocked it as an "UNKNOWN" Registry Key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9F1C11AA-197B-4942-BA54-47A8489BB47F} My research on this leads to identification of this KEY with "C:\windows\system\iuctrl.dll" which in turn relates to connection to http://v4.windowsupdate.com Since I am using WindowsXP updated to SP2 which now looks to http://v5.windowsupdate.com, I am puzzled about this behavior of Internet Explorer trying to load from the old windows update location AND Microsoft Anti-Spyware identifying it as "UNKNOWN". Your help and advice is greatly appreciated. CT ps Sorry if this duplicates something YOU have seen. I sent it 24 hours ago but it does not appear in my newsserver. Tag: System generate huge security log - event id 560 Tag: 67381
  - 11
    - I did a dumb thing Dear NG, I have been involved with computers for far too long (can anyone remember the IBM 7094?) to have done something as stupid as this, but I did. I put a computer in the trash without removing the hard drive or even erasing its files. A few hours later I noticed that the trash had not been picked up, but the computer was gone! OK, someone has an old Windows/98 system with my stuff on it. I took a look at my most recent backup of that machine and it did not appear to have anything critical on it, but... I have had a strange incident today and I wonder if I have a real problem on my hands. I got a message from MSN Messenger 6.2 that I signed on another machine. I immediately call my daughter who I just gave an old laptop to and she confirmed that she had signed in and she had Messenger running with my PassPort. I told her to remove my PassPort and get one of her own. She said she would, but just now I returned to my machine after being away from it for about two hours and I saw the message again. It could be her, or it could be the "new owner." Now I don't even remember if MSN Messenger even was on the W/98 machine so here are my questions: 1/ Was MSN Messenger available for W/98? 2/ Assume that it was, how do I go about getting Microsoft to "kill" my old PassPort and issue another one? 3/ What "normal" pieces of Microsoft software will be effected? 4/ I have an MSDN subscription, and I am sure that it will be effected. How do I prove to MS that I am me? 5/ What are the ramifications that have not crossed my mind? Hopefully, there are mind-readers in this newsgroup. With a lot of egg on my face, I thank you all in advance. Cheers, Bob -- Robert Schuldenfrei S. I. Inc. 32 Ridley Road Dedham, MA 02026 bob@s-i-inc.com 781/329-4828 Tag: System generate huge security log - event id 560 Tag: 67371
  - 12
    - Is this a spoof? Operating System: windows XP Connection Type: cable modem Browser Type: ie 6+ Recently, when attempting to log onto hotmail via www.hotmail.com, I am now being asked to "Match the pictures". After entering my password, I am then redirected to another URL which prompts me to "Match a picutre" to enter. Is this new to hotmail or a spoof? When I enter the characters, I do get into hotmail, but this has never been there before. I am worried that it is a virus that is redirecting me. That URL is: http://hipservice.passport.net/forcehip.srf?id=2&ru=http%3a%2f%2fwww%2ehotmail%2emsn%2ecom%2fcgi%2dbin%2fsbox&tk=5AAAAAAAAHaH5SlHCfh%21vCYuZRLHqLeSMISOD27ewz5qkus5hJBdv8%2a1WHq%2ar9afyJ6tXjAueHs4c%24&lc=1033 Tag: System generate huge security log - event id 560 Tag: 67363
  - 13
    - AntiSpyware Blocks "Old" Windows Update Microsoft Anti-Spyware quickly announces the following as an unidentified ActiveX which Internet Explorer is trying to install at logon - and I as quickly blocked it as an "UNKNOWN" Registry Key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9F1C11AA-197B-4942-BA54-47A8489BB47F} My research on this leads to identification of this KEY with "C:\windows\system\iuctrl.dll" which in turn relates to connection to http://v4.windowsupdate.com Since I am using WindowsXP updated to SP2 which now looks to http://v5.windowsupdate.com, I am puzzled about this behavior of Internet Explorer trying to load from the old windows update location AND Microsoft Anti-Spyware identifying it as "UNKNOWN". Your halp and advice is greatly appreciated. CT Tag: System generate huge security log - event id 560 Tag: 67361
  - 14
    - File Download Security Warning When I view sites that have a brief sound attached to their buttons I get a "file download security warning" for a .wav file. (example sound of a golf ball dropping in hole on rollover of each button.) Is ther a way to disable this funcion? I also build websides and have in the past attached sounds to the buttons. Should I discontinue this practice. Thanks for any advice Paul R Tag: System generate huge security log - event id 560 Tag: 67351
  - 15
    - Users last logon info from logon script How can I pop up a window to show domain users last logon info when they logon to the domain? Tag: System generate huge security log - event id 560 Tag: 67349
  - 16
    - Enable IPSEC on a Specific NIC only? I have two subnets 1 Domain in a school enviroment. Student side and Administration Side. They currently share a Internet connection through ISA 2000 server The admin side is currently running on Novell for file serving. We want to replace Novell with secure Windows 2003 solution. The new server will have 2 nics. I was trying to figure out if I could Enable IPSEC on just the external nic. The main goal is to let admin side get to student network for Internet only and not let any other device on student network to comminicate with the new admin server? Thanks for your time Tag: System generate huge security log - event id 560 Tag: 67338
  - 17
    - Hotmail and MSN major difficulties I'm wondering if anyone has experienced the following: we recently moved and purchased a new PC and new internet service. Neither my husband nor I can hardly access MSN or Hotmail (two different accounts). We both receive a message that we have been blocked for trying to log on too may times with an incorrect password, which is not the case. We've had our accounts for so long that we can't remember the answers to our secret questions, etc. so we cannot change our passwords. Any ideas why this may be happening? Tag: System generate huge security log - event id 560 Tag: 67334
  - 18
    - How to call a remote program through SSH tunnel and pass a local file as parameter? Ok, If I would have the program on the local machine I could call this from the command line by a statment like myprog myfile.dat Unfortunately the program is on another machine installed. Between the two machines there is an already successfully running SSH connection. How do I call in this scenario the remote progr myprog and pass the local file myfile.dat? cu Peter Tag: System generate huge security log - event id 560 Tag: 67314
  - 19
    - trusted root certification authorities in win xp 5.1 hello just recently browsed thru the list of trusted root certs installed in my xp machine's trusted root store and was a little bit shocked to find some certs that do not look at all familiar, ones that i'm sure i did not approve (would remember it)...eg, does anyone who this root ca is: CN = NetLock Expressz (Class C) Tanusitvanykiado OU = Tanusitvanykiadok O = NetLock Halozatbiztonsagi Kft. L = Budapest C = HU -- security guru wannabe Tag: System generate huge security log - event id 560 Tag: 67311
  - 20
    - Ext Drive Encrypted Files Deny Access Posted to: microsoft.public.security; microsoft.public.security.homeusers; microsoft.public.windowsxp.security_admin; microsoft.public.security.crypto: Is there a better group? HI, If this looks familiar, that's because it is. Originally I posted this to two ng's, neither of which I can find now. You'll understand why shortly, if you consider my short-term memory problems <g>. I think I can restate it a lot better now, too. Any and all assistance/advice much appreciated. XP Pro, completely updated SP2/hotfix, two 80Gig internal, not RAID et al, one ext 160Gig external, no SCSI. Short Story: 1. Accidentally encrypted data on external ACOM USB 160 Gig drive. Included my Full/Incremental backup done recently. It was a mis-click and I stopped it, but it had already finished. Folders also were encrypted. Then of course, I "forgot" it happened: until I needed the files, of course. They are WINZIP files, encrypted, I'm fairly sure, by XP EFS, but could not swear that winzip didn't do it. It -looks- like EFS did the encryption. 2. Later, trying to track down files disappearing for no reason, eventually C became trashed. 3. OK, got our my ASR floppy, booted on it, all went fine until it wouldn't accept my backup CDs as valid files. They were created with the system Backup function. I don't remember doing a Verify operation. 4. Upon boot, got an error message; bad hardware. Didn't believe it. 5. Reformat/reinstall XP. 5a XP CD would NOT let me delete the partition on C, nor would it let me install to C. It was so adamant, and yes, I've used it before and think all I had to do was delete the partition first, to put XP on C., that I finally acquesced and said OK, put it on D. No problems, boots fine from D for the boot disk. I'll worry about drive letter assignments later; right now I've only got a minimal install anyway - nothing but XP, Norton, Firewall; no antispy stuff yet. SYNOPSIS: -- I ass-u-me when I formatted, I got new keys and certificates, right? And that's why I can't access the files on my external USB drive? -- I DID manage to decrypt the Folders, so future files won't be encrypted; that's why I think it's EFS produced encryption and not Winzip's. But, I can't find a way to get at any of the Files that are encrypted. -- OK, I"ve managed to recover from lost passowords, all kinds of things, so there must be a way to decrypt those Files, either to the same drive or to another drive. Folders are UNencrpted now, but I can only copy them around their own drive, not to another drive where they might expand. None are R, H, or S. But danged if I can find it! I"ve seen a couple of similarities on these groups, but none with a solution that worked for me; either they weren't applicable or the thread ended with a terse microsoft reference, most of which I'd already looked at and tried. I've been thru many MSKB articles with no joy. I've tried Cipher also, to no avail. My resources are about exhausted, so I'm looking for help here. So the ultimate question is, in view of the above information: HOW can I load, decrypt or otherwise manipulate those encrypted files in order to recover them? Although it doesn't appear an advantage, I'd easily consider another format if it would open up any avenues. I'm no guru, but you can talk about how to get to and use most of the Admin Tools, etc., so you don't have to completely hold my hand, but ... this is new territory for me, so please keep that in mind. I also have Partition Magic 8, though not loaded yet, if that means anything to anyone. Pop --- Microsoft's Security might not be all that good, but, so far, it's PERFECT with those files! Tag: System generate huge security log - event id 560 Tag: 67304
  - 21
    - AZEsearch scumbag hijacker prog. How can I get rid of this scumbag hijacker and unwanted crap that my kid unwittingly downloaded and accepted?!!!!!! Tag: System generate huge security log - event id 560 Tag: 67301
  - 22
    - Child Domain Security Mark Minasi's Windows 2003 book states that one of the reason to create seperate Domain instead of OU is security. DC at an unsecure branch office for example. According to Mark's book if the DC at an unsecure branch get's compromised, since it's a seperate domain, only that domain will be compromised. I'm planning on doing the same thing with my network. We have a Company.dom domain and I'm planning on creating child domain for each branches ex) west.company.dom, east.company.dom etc. Is creating seperate domain for security reason that I stated above a good practice? Does parent AD really gets protected when child domain gets compromised? Does child domain DC contains a copy of parent domains AD? Does what kind of trust relationship that child domain have with parent domain matters in the case? Tag: System generate huge security log - event id 560 Tag: 67299
  - 23
    - win update connecting to unknown level 3 address while updating my machine at v4.winowsupdate.microsoft.com I find that some of the updates are being downloaded from an "unknown level three .net" address. Obviously these addresses do not resolve back to Microsoft. Are these updates genuine or has my machine been hijacked? Tag: System generate huge security log - event id 560 Tag: 67296
  - 24
    - Local Workstation Admin I would like to get a feel for suggestions on the local admin account. Do your field techs know what the password is? Do you change it when one of them leave? Are there any standards posted on the Internet? Tag: System generate huge security log - event id 560 Tag: 67286
  - 25
    - Account Lockout Event 675 I am seeing a very strage issue on my network. My user account and others are being locked out multiple times per day. After checking the Security logs on my DC and using the various lockout tools, I notice that dozens of computers in my location make attempts to logon with my user credentials. The same computer doesn't keep trying but lots of them just try once, eventually locking out my account. I have checked the obvious, services using my account, mapped drives and everything else I read in the Account Lockout white paper. Anyone have any ideas on what this could be? Tag: System generate huge security log - event id 560 Tag: 67279
- Next
  - 1
    - False MSN advertisement or not? First a strange thing has happened when I turned on my computer. A passport login window came up out of nowhere asking for my password. I am afraid I may have inadvertently allowed myself to be hacked. How can I find out for sure if I have? Secondly after this I immediately received this in my e-mail: From: MSN Search Date: 02/03/05 19:51:06 To: soulsentinal@hotmail.com Subject: Introducing the more precise, more powerful new MSN Search. The website address comes up as: http://www.imagine-msn.com/search/tour/desktop.aspx The claim of this site is that it can give you a more precise serch engine on your desktop. Tag: System generate huge security log - event id 560 Tag: 67278
  - 2
    - Windows XP SP2 and IE 6.0 security settings -- web pages on local drive I have a Windows XP Home SP1 system to which I have applied SP2. The system is completely up-to-date according to Windows Update. I am using Internet Explorer 6.0 with the default browser security settings. This problem started after applying SP2. I have built several web sites on this machine. When these are uploaded to a server, I can view them with Internet Explorer 6.0 without any problem. (IE 6 show the security zone as "Internet".) If I try to view the SAME files on my local drive, the "Information Bar" pops up with the message "To help protect your security, Internet Explorer has restricted this file from showing active content that could access your computer. Click here for options...". (IE 6 shows the security zone as "Local Intranet".) I have tried every Local Intranet security setting. There doesn't seem to be any way to display local web pages containing active content without a security alarm. I've even tried defining the local directory as a Trusted site. Other software that generate local HTML that is viewed via Internet Explorer, Belarc Advisor for example, have the same problem. It looks to me like it's an Internet Explorer problem. I'm baffled as to why content from the Internet would be allowed, but the SAME content from a local drive would be disallowed. (I guess it's because the pages are reading graphics and other content from the local drive.) If anyone knows of browser setting or some other work around that would eliminate this problem, I would be happy to try them. According to a friend, it doesn't happen with the Firefox browser. I would like to continue to use Internet Explorer to verify the sites. Tag: System generate huge security log - event id 560 Tag: 67277
  - 3
    - Cant Access My Account I cant access my old account, my password was hacked and i cant remember my secret question. what can i do to get help? Tag: System generate huge security log - event id 560 Tag: 67275
  - 4
    - windows update errors i had to reinstall windows (clean install) but i can not update through windows update no matter what i do i have searched and done 90% of the knowlege based articles and still i can not update windows Also im getting alot of pop ups like "nixad" "antieye" "errorfix" "updatenow" etc. i have ran spybot windows beta and avg antivirus does anyone know what is going on or how to fix it Tag: System generate huge security log - event id 560 Tag: 67273
  - 5
    - Shopping Wizard Yesterday I was doing some window shopping when suddenly any new page I went to pulled up this wierd generic info page. I installed and completed several scans with Antispyware (which I have sereval other issues), but the big problem I think I have is the program that installed itself on my C drive called Shopping Wizard. When I try to remove teh program it takes me to an uninstall websit that does not have a signature. The address is: http://looking-for.cc/uninstall/ShoppingWizard.html. I am afraid to download this to get rid of the program. Has anyone heard of this?? Is it safe?? -- carol Tag: System generate huge security log - event id 560 Tag: 67260
  - 6
    - User cannot access resources remotely Windows 2000 AD Domain Microsoft Exchange 2000 Windows XP Professional Microsoft Office 2003 User uses VPN to connect to the Corp. network via the dial-up ISP. When connected to the network locally the user has full access to all file shares, printers and the exchange server. When the user connects through the VPN using a dial-up ISP, they cannot access the network resources. When attempting to access file shares or exchange server, two entries are made in the system event log. Similar to the ones listed below -------------------------------------------------------------------------------------- Event Type: Warning Event Source: LSASRV Event Category: SPNEGO (Negotiator) Event ID: 40961 Date: 2/3/2005 Time: 1:56:48 PM User: N/A Computer: 8CXLX41 Description: The Security System could not establish a secured connection with the server cifs/server.domain.com. No authentication protocol was available. -------------------------------------------------------------------------------------- Event Type: Warning Event Source: LSASRV Event Category: SPNEGO (Negotiator) Event ID: 40960 Date: 2/3/2005 Time: 1:56:48 PM User: N/A Computer: 8CXLX41 Description: The Security System detected an attempted downgrade attack for server cifs/server.domain.com. The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request. (0xc000005e)". -------------------------------------------------------------------------------------- This is a user specific issue and doesn't seem to be related to the machine. A second user can log on and access the network resources from this machine and the first user connects using the same method on a second machine and encounters the same problem. I've contacted Microsoft Product support and they recommend I contact the computer vendor, but Im pretty confident that its a OS issue. Thanks for any and all advice Tom Tag: System generate huge security log - event id 560 Tag: 67259
  - 7
    - W2K Server -- local settings versus effective settings Hello, I have a domain of W2K SP 4 member servers and domain controllers. The domain policy is set to allow only members of Domain Admins and Domain Users to logon locally. This is the effective setting, no local settings are configured. Today I was recovering a box from image (and at the time, the box wasn't plugged into the network). After the image loaded, I was unable to logon locally to the box (with the local administrator account); I received an error stating that I was not allow to log on locally. This is where I get confused. The effective settings come from the domain. But the box wasn't plugged into the domain when it rebooted. If there are no local policies set and the box didn't get the domain policies when it booted (because it wasn't talking to the domain), then how did I prevented from logging on locally with the local administrator? Tag: System generate huge security log - event id 560 Tag: 67257
  - 8
    - Re-applying old patches Hello, It was recently discovered that the Windows Update website shows that security patch 835732 (4/04) is missing from the W2K machines in our company. This is strange, because this patch was originally applied to our W2K image using the Windows Update site. Also, if a recent patch is run wth the /L switch on the command line, it shows that 835732 *is* installed. In any case, if the patch is re-applied to the machine, Windows Update no longer sees it as missing. So, management has requested that it be re-applied to these machines. When we do this, will all subsequent patches need to be re-applied as well, or are the patches "smart" enough not to overwrite newer files? -- -Jstep Tag: System generate huge security log - event id 560 Tag: 67250
  - 9
    - Error while consuming web services over SSL-The underlying connec. Hi, I'm trying consuming web services over SSL by an ASP .Net client without success. System Architecture: My Server side contains the following layers, starting from the client side: (Client side) WSD firewall Weblogic server. The webservices deployed On the weblogic Protocol: SSL. Version Information: Microsoft .NET Framework Version:1.1.4322.573; ASP.NET Version:1.1.4322.573 Symptoms 1. The handshake completed successfully, (taken from the MMC): â??An SSL client handshake completed successfully. The negotiated cryptographic parameters are as follows. Protocol: SSL 3.0 Cipher: RC4 Cipher strength: 128 MAC: MD5 Exchange: RSA Exchange strength: 1024â?? 2. Iâ??m getting the error message: WebException: The underlying connection was closed: An unexpected error occurred on a send.] emtv1.WebForm1.Button1_Click(Object sender, EventArgs e) in c:\inetpub\wwwroot\emtv1\webform1.aspx.cs:69 System.Web.UI.WebControls.Button.OnClick(EventArgs e) System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) System.Web.UI.Page.ProcessRequestMain() Facts: 1. Other client (java client) consumes the same services successfully. 2. Overriding the GetWebRequest method not solved the problem. What am I missing? Thanks in advanced, Tag: System generate huge security log - event id 560 Tag: 67242
  - 10
    - BlackHole Adware? I know there is a list of spam sites people can access to use as 'black hole' addresses. Can the same thing be done for ad-ware/spy-ware sites? I don't have the resources to set such a thing up, but if it existed I would push very hard for my employer to use it. I realize the black hole list hasn't stopped spam, so maybe it is a waste of time. Comments? Tag: System generate huge security log - event id 560 Tag: 67241
  - 11
    - Error 0x80094001 while enrolling User Certificate I have W2K3 forest with two domains ad.test.com (forest root) and sub.ad.test.com. I have Enterprise CA installed on server in sub.ad.test.com. I modified Cert. Templates security to let users (ib sub domain) Enroll certificates. I configured Computer certificate enrollment with GPO. Most of comps get their certificate. But I cannot Enroll User Certificate using Web or MMC. When I try I get: "Certificate Services denied request 106 because The request subject name is invalid or too long. 0x80094001 (-2146877439). The request was for SUB\Administrator. Additional information: Error Constructing or Publishing Certificate" Still I can Enroll Basic EFS certificate. Please Help! Tag: System generate huge security log - event id 560 Tag: 67240
  - 12
    - COM Object Shutdown Rights Hello! I have windows 2000 server with some COM objects. Some of them sometimes stop working (hang) after object Shutdown and started again it works fine. So I would like to give rights () to shudown object (it maybe even right to manage all of Component Services) to my HelpDesk people without giving them Admin rights on server. Tag: System generate huge security log - event id 560 Tag: 67239
  - 13
    - Delegates viewing files I need to know if there is a way to find out if a delegate has opened up attachments in my mailbox. Also, is there a way of detecting this in the future. I am running Windows XP Pro with Office XP on a Microsoft server 2003. Tag: System generate huge security log - event id 560 Tag: 67229
  - 14
    - Ports Security Hi, I would like to know whether it is possible to block a specific port number for outgoing or incoming connections? I am using windows 2000 professional and would like to know any solutions for the same. For example, if I want to block a port number say 1255 for outgoing connections but allow it for incoming connections. Also can I do it dynamically, i.e. with out restarting my machine. Any information would be of great help. Thanks, Abhishek. Tag: System generate huge security log - event id 560 Tag: 67228
  - 15
    - Safe mode hangs I have a persistent istbar trojan and any attempt to run spyware cleaners in safe mode causes it to hang. I have winXP SP2 and the problem is the same for 3 different spyware programs. They work fine with a normal boot, just not in safe mode - however removing the istbar trojan this way causes it to return. Any advice appreciated. Jen Tag: System generate huge security log - event id 560 Tag: 67216
  - 16
    - hotmail hijack I have suspision that an ex-girlfriend has hijacked my hotmail account, the password was a strong password, and she was the only one that knew it. Any way the security question in the account has been changed to denie me from resetting. The bad part is that she is logging on to my msn and pretending to be me, I had a lot of contacts and cannot notify them all. She is also sending email pretending to be me. I have got the police involved (prank phone calls also) but they are currently unable to do anything. My question is, is there anything I can do to have this account closed? or get it back? - please help Tag: System generate huge security log - event id 560 Tag: 67215
  - 17
    - Email requesting info for MSN Received email from someone reporting to be MSN requesting information and stating that my account would be deleted within 4 days if we didn't answer the questions Tag: System generate huge security log - event id 560 Tag: 67211
  - 18
    - Email requesting info for MSN Received email from someone reporting to be MSN requesting information and stating that my account would be deleted within 4 days if we didn't answer the questions Tag: System generate huge security log - event id 560 Tag: 67210
  - 19
    - How risky are these open ports for online gaming. My PC XPsp2, has a up to date firewall and antivirus. I want to play and host games online, but the gaming arena/website requires me to open these ports: 6667 (IRC) TCP 3783 (Voice Chat Port) TCP 27900 (Master Server UDP Heartbeat) UDP 28900 (Master Server List Request) TCP 29900 (GP Connection Manager) TCP 29901 (GP Search Manager) TCP 13139 (Custom UDP Pings) UDP 6515 (Dplay UDP) UDP 6500 (Query Port) TCP how risky is this, and is there a way of still being secure with the ports open. Thanks. Tag: System generate huge security log - event id 560 Tag: 67206
  - 20
    - internet explorer security settings certan items dont open when i open pages on internet explorer it say check settings and refresh what should internet explorer security settings be set at in advanced settings ? what should be ticked and not ticked ? please help if you can thank you PIPP -- ukpipp Tag: System generate huge security log - event id 560 Tag: 67205
  - 21
    - what is this dllhost.exe is dllhost.exe a virus or is it a window file? can i shutdown this process? Tag: System generate huge security log - event id 560 Tag: 67193
  - 22
    - help on window security update? How do i find out if the window critical security update is truly installed techically? because when i had hp media center 2004/sp2 and all the critical update and when I upgraded it to HP media center 2005 upgrade cd, i went to add/remove after installing media center 2005 and notice all the critical security update was not there anymore, so i went to window update and check and notice there is seven critical window update available but there all 0KB/0mb size with exclamation point next to those security update saying its already installed on your computer, i went to check add/remove and its not there at all, so i decided to installed it again when i did it didn't download the update instead it intiliazing....done installed.. after seeing this i went to add/remove to check if it's installed and all the critical security update are installed. this is why i want to find out if its truly installed? what is intiliazing? does it mean all the 7 critical security update file is on my computer already and window update is just reinstalling the security update again. please help? Tag: System generate huge security log - event id 560 Tag: 67192
  - 23
    - Virus?!? Hey, I dled something of the internet, and it only opened and went to a black screen and closed. I tried to delete the file after restarting but it tells me the file is currently in use. I am assuming its a virus, How can I find a way to delete the file? -- North Coast Smoker Tag: System generate huge security log - event id 560 Tag: 67189
  - 24
    - Significant sub-authorities in determining duplicate machine SIDs We've been trying to troubleshoot some GPO problems lately and while doing so determined that some of our computer labs had duplicate machine SIDs for our XP clients. Some of the computers had exact duplicates of the SID. Others had duplicate RIDs in the SID sub-authority components. Does it matter if any portion of the SID is a duplicate of another? Or does the entire SID have to be a duplicate for it to matter? What should I be looking for? Thanks! -- David Shriner Systems Administrator Newport News Public Schools Tag: System generate huge security log - event id 560 Tag: 67187
  - 25
    - Certificates - What am I missing? To secure communication between my citrix server and its secure gateway in the dmz it is recommend to use a server certificate. I have an internal enterprise CA set up on a Windows 2003 server. When I go t0 the the web page to request a certificate from the CA the options I have available are: User, Administrator, EFS Recovery Agent, Basic EFS, Web Server, Exchange User, and Exchage Signature Only. What am I missing? I'm confused about what type of certificate I should be requesting. Tag: System generate huge security log - event id 560 Tag: 67186

My w2k server genrate huge security log, all log event id is 560/562, see
details below:

Object Open:
Object Server: Security
Object Type: Desktop
Object Name: \Default
...

Please advise how to disable it, thank.
--
Thanks and Regards,
JC14779

Top

Re: System generate huge security log - event id 560 by Steven

Steven
Tue Feb 08 14:42:20 CST 2005

If you are not auditing any folders or files, disable auditing of "object
access" in Local Security Policy or at the domain/OU level if it is enabled
at that level. For domain controllers use Domain Controller Security Policy.
The link below explains more. --- Steve

http://support.microsoft.com/default.aspx?scid=KB;en-us;q248260

"JC14779" <JC14779@discussions.microsoft.com> wrote in message
news:49990401-A5DA-47A9-8617-B8DD0D4F5F0F@microsoft.com...
> My w2k server genrate huge security log, all log event id is 560/562, see
> details below:
>
> Object Open:
> Object Server: Security
> Object Type: Desktop
> Object Name: \Default
> ...
>
> Please advise how to disable it, thank.
> --
> Thanks and Regards,
> JC14779
>

Top

Re: System generate huge security log - event id 560 by Eric

Eric
Thu Feb 10 16:35:05 CST 2005

Use the "Local Security Policy", "Default Domain Policy", or "Default Domain
Controllers Policy" admin tools to disable the security option "audit the
access of global system objects".

Eric

"JC14779" <JC14779@discussions.microsoft.com> wrote in message
news:49990401-A5DA-47A9-8617-B8DD0D4F5F0F@microsoft.com...
> My w2k server genrate huge security log, all log event id is 560/562, see
> details below:
>
> Object Open:
> Object Server: Security
> Object Type: Desktop
> Object Name: \Default
> ...
>
> Please advise how to disable it, thank.
> --
> Thanks and Regards,
> JC14779
>

Top