J.R. Sitman
asked on
Security Audit Event 5152. Is this a concern?
I'm getting the attached event. Do I need to be concerned?
audit.jpg
audit.jpg
ASKER
The Windows firewall on that server is off. If it's not a concern, then I can just ignore it, correct?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I applied the patch. I'll monitor it and post later.
Thanks
Thanks
ASKER
Thanks. I applied the patch and blocked the ip address.
This looks like the windows firewall hasn't set correctly for the inbound traffic. Also, it could be edge traversal settings. Have a look at this MS article and try to set edge traversal and see it stops the event.
http://technet.microsoft.com/en-us/library/ee649264(v=ws.10).aspx