My question is two-fold and probably very basic but here is the scenario...
I have a workstation (WinXP) that is joined to a domain but its security log is filling within days due to 538 and 540 Anonymous logon events. These events are being generated by various other workstations 'live' on the network and are quite frequent - every 3 to 4min. It is not used as a file sharing system and should be no different than other workstations.
Besides changing the logged events - which I know can be done.
What are these events for?
Why would they be occurring only on this one machine?
The entries are in pairs are vary for the computer reported but are otherwise as per the attached screenshots.