<div>
Hi,<br />
<br />
This looks like the windows firewall hasn't set correctly for the inbound traffic. Also, it could be edge traversal settings. Have a look at this MS article and try to set edge traversal and see it stops the event.<br />
&nbsp;<a href="http://technet.microsoft.com/en-us/library/ee649264(v=ws.10).aspx" rel="ugc">http://technet.microsoft.com/en-us/library/ee649264(v=ws.10).aspx</a>
</div>


Hi,

This looks like the windows firewall hasn't set correctly for the inbound traffic. Also, it could be edge traversal settings. Have a look at this MS article and try to set edge traversal and see it stops the event.
 http://technet.microsoft.com/en-us/library/ee649264(v=ws.10).aspx [http://technet.microsoft.com/en-us/library/ee649264(v=ws.10).aspx]

<div>
The Windows firewall on that server is off. &nbsp;If it's not a concern, then I can just ignore it, correct?
</div>


The Windows firewall on that server is off.  If it's not a concern, then I can just ignore it, correct?

<div>
I applied the patch. &nbsp;I'll monitor it and post later.<br />
<br />
Thanks
</div>


I applied the patch.  I'll monitor it and post later.

Thanks

<div>
Thanks. &nbsp;I applied the patch and blocked the ip address.
</div>


Thanks.  I applied the patch and blocked the ip address.

<div>
<div class="content wysiwyg-content">
I'm getting the attached event. &nbsp;Do I need to be concerned?<br />
<a href="https://filedb.experts-exchange.com/incoming/2013/01_w01/624951/audit.jpg" target="_blank" class="file-inline" title="security audit (81 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>audit.jpg</a>
</div>
</div>


audit.jpg

I'm getting the attached event.  Do I need to be concerned?

Security Audit Event 5152.  Is this a concern?

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.

Windows Server 2008

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.