?
Solved

Windows XP Mass login attempts

Posted on 2005-03-21
8
Medium Priority
?
837 Views
Last Modified: 2013-12-04
We have several Windows XP laptops on the network that are not part of the domain. Windows XP seems to automatically attempt to login to ALL other machines on the network. What can be done to prevent windows XP from Broadcasting this mass login attempt when it boots up ?
0
Comment
Question by:dwpauleagle
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 13594657
can you elaberate on what makes you think it's "automatically attempt to login to ALL other machines on the network" If the computer isn't in the domain it should just be logging in with a local account IE no network login at all.
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 13594815
Also you may need to scan for viri on this PC as there have been some recent viri that attempt to make login's to peoples PC's...
-rich
0
 

Author Comment

by:dwpauleagle
ID: 13595138
Any XP machine fresh install will attempt to login to all shared PC on the network and register a failed login attempt in the Event log.
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 38

Expert Comment

by:Rich Rumble
ID: 13595752
Doesn't mean a virus isn't getting on them immediatly- What you can do is install ZoneAlarm on a new machine, before joining it to  the network- and before joining it to a domain. Install XP, do not connect it to the network period. Burn a CD with zonealarm on it, and install ZA. place the network cable in the pc, join it to the network etc... ZA will prompt you when any attempt to access the machine is made, and it will also alert you if a program that is not approved is trying to access the NIC or act as a server. You can use ZA to find out what is causing this on your current machines, and you can use it to protect future machines or brand new machines from infections.
http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp The free version does this process locking/blocking also.
-rich
0
 

Author Comment

by:dwpauleagle
ID: 13596244
Not a virus a Machichine that is fully installed and virus  protected do this as well .. i have delt with this issues on many many networks and have never found a way to shut up the XP machines doing this on login.  thy just do it one with their own login . so it is not a brute force attack or  randon name  or admin attempts just attempts to loginto all shares with their own credintials.

this come from all XP machines
=====

Event Type:      Failure Audit
Event Source:      Security
Event Category:      Account Logon
Event ID:      681
Date:            3/21/2005
Time:            11:06:42 AM
User:            NT AUTHORITY\SYSTEM
Computer:      EAGLE1
Description:
The logon to account: Eric
 by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
 from workstation: EBLACHNO
 failed. The error code was: 3221225572
 
======

Event Type:      Failure Audit
Event Source:      Security
Event Category:      Logon/Logoff
Event ID:      529
Date:            3/21/2005
Time:            11:06:42 AM
User:            NT AUTHORITY\SYSTEM
Computer:      EAGLE1
Description:
Logon Failure:
       Reason:            Unknown user name or bad password
       User Name:      Eric
       Domain:            EBLACHNO
       Logon Type:      3
       Logon Process:      NtLmSsp
       Authentication Package:      NTLM
       Workstation Name:      EBLACHNO

=======
0
 
LVL 5

Expert Comment

by:tmehmet
ID: 13596351
is the logon attempts all coming from the same machine and does it always try to use the account eric?

If so, can you tell us more about the source machine, what it is and what its running?

0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 500 total points
ID: 13597655
Ohhh i see- try this
open my conputer, go to tools>folder options> then the View tab. The first entry is "automatcially search for folders and printers..."
uncheck that box... that might be what this extra chatter is...
-rich
0
 

Author Comment

by:dwpauleagle
ID: 13601791
That did the trick  Thank you.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …
Suggested Courses
Course of the Month13 days, 17 hours left to enroll

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question