Advertisement

04.28.2008 at 08:30AM PDT, ID: 23359047
[x]
Attachment Details

Advapi procees login failure

Asked by safam in SBS Small Business Server, Symantec Anti-Virus Software

Tags: Microsoft, SBS2003, Logon Process:Advapi

i am running a SBS 2003 & recently on my daily loggs i see over 600 attempt to login to my server using Advapi.exe procEvent Type:      Failure Audit
Event Source:      Security
Event Category:      Logon/Logoff
Event ID:      529
Date:            4/27/2008
Time:            9:25:26 PM
User:            NT AUTHORITY\SYSTEM
Computer:      CSSMAIN
Description:
Logon Failure:
       Reason:            Unknown user name or bad password
       User Name:      oracle
       Domain:            
       Logon Type:      3
       Logon Process:      Advapi  
       Authentication Package:      MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
       Workstation Name:      CSSMAIN
       Caller User Name:      CSSMAIN$
       Caller Domain:      CSS
       Caller Logon ID:      (0x0,0x3E7)
       Caller Process ID:      1700
       Transited Services:      -
       Source Network Address:      -
       Source Port:      -

I do have SMTP port as well running but it is locked down to only my user name & once i saw a error saying too many smtp connection & it shut it down. after many searches everything points to this being a someone is trying to hijack my server. i have ran , symantec a/v, trend house call & pcsafe and so far nothing. i searched y files including the hidden one & no sign of this file. i am at a loss & i want to stop this attack. please help. thank you
Start Free Trial
[+][-]04.28.2008 at 09:08AM PDT, ID: 21455261

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]04.28.2008 at 09:32AM PDT, ID: 21455429

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]04.28.2008 at 09:36AM PDT, ID: 21455461

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]04.28.2008 at 09:38AM PDT, ID: 21455469

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]04.28.2008 at 10:00AM PDT, ID: 21455617

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]04.29.2008 at 08:31AM PDT, ID: 21463214

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]04.30.2008 at 09:48AM PDT, ID: 21472421

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]04.30.2008 at 09:59AM PDT, ID: 21472518

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]04.30.2008 at 10:15AM PDT, ID: 21472682

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]04.30.2008 at 10:24AM PDT, ID: 21472779

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]04.30.2008 at 10:38AM PDT, ID: 21472913

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]04.30.2008 at 10:48AM PDT, ID: 21473006

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]04.30.2008 at 10:49AM PDT, ID: 21473018

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]04.30.2008 at 10:51AM PDT, ID: 21473040

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]04.30.2008 at 10:54AM PDT, ID: 21473054

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]04.30.2008 at 11:12AM PDT, ID: 21473212

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]04.30.2008 at 12:00PM PDT, ID: 21473582

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]04.30.2008 at 12:21PM PDT, ID: 21473761

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]04.30.2008 at 03:54PM PDT, ID: 21475286

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]04.30.2008 at 04:39PM PDT, ID: 21475460

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]05.02.2008 at 10:46AM PDT, ID: 21488599

Assisted solutions are selected by the member who asked the question as a comment that contributed to their question's solution.

Start your 7-day free trial to view this Assisted Solution or ask the Experts your question.

 
[+][-]05.02.2008 at 11:10AM PDT, ID: 21488767

View this solution now by starting your 7-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zones: SBS Small Business Server, Symantec Anti-Virus Software
Tags: Microsoft, SBS2003, Logon Process:Advapi
Sign Up Now!
Solution Provided By: safam
Participating Experts: 1
Solution Grade: A
 
 
 
Loading Advertisement...
20080716-EE-VQP-32 / EE_QW_2_20070628