troubleshooting Question

Logon Failure: Reason: Unknown user name or bad password User Name: webmaster

Avatar of rowek
rowek asked on
Windows Server 2003
8 Comments1 Solution2395 ViewsLast Modified:
Could somebody please tell me where the user "webmaster" tried to log on to my server?  It appears that it happened from on my server.  We don't even have a userid called webmaster.  We keep port 80 closed and only have 443 open.  Did a program that sniffs 443 stumble across our private website from the outside?  Note that this happend exactly at 6:00pm.  We are running Windows Server 2003 SBS and Trend Micro Enterprise Antivirus.  Could it be one of my serivces (like the Trend Micro) trying to log in?

Source Event ID Last Occurrence Total Occurrences
  Security 529 2/27/2007 6:00 PM 1
Logon Failure:
  Reason: Unknown user name or bad password
  User Name: webmaster
  Logon Type: 3
  Logon Process: Advapi
  Workstation Name: AJAX-SVR-2
  Caller User Name: AJAX-SVR-2$
  Caller Domain: AJAX
  Caller Logon ID: (0x0,0x3E7)
  Caller Process ID: 1528
  Transited Services: -
  Source Network Address: -
  Source Port: -
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 8 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 8 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros