The policies are always turned on by us when we build machines and I know they were active on my PC.
>From: Wes Owen <[EMAIL PROTECTED]> >Reply-To: "NT 2000 Discussions" <[EMAIL PROTECTED]> >To: "NT 2000 Discussions" <[EMAIL PROTECTED]> >Subject: RE: Security Auditing -- URGENT >Date: Wed, 6 Feb 2002 08:42:56 -0600 > >I think that is default behavior, not necessarily something this guy did. > >-----Original Message----- >From: Paul Timmerman [mailto:[EMAIL PROTECTED]] >Sent: Wednesday, February 06, 2002 8:36 AM >To: NT 2000 Discussions >Subject: RE: Security Auditing -- URGENT > > >There is reason to suspect that someone is improperly accessing PC's >remotely and may have somehting set as to where we cannot audit what we >need > >to. I need to find out of this is true in the next 30 minutes. I think I >did though. Security policies for all logon/logoff policies have been >turned off, which is why nothing was being logged. Looks as though this >was > >done on multiple workstations. > > > >From: Martin Blackstone <[EMAIL PROTECTED]> > >Reply-To: "NT 2000 Discussions" <[EMAIL PROTECTED]> > >To: "NT 2000 Discussions" <[EMAIL PROTECTED]> > >Subject: RE: Security Auditing -- URGENT > >Date: Wed, 6 Feb 2002 06:20:06 -0800 > > > >What is so URGENT about this? Is your network down? Users cant connect? > >Data > >lost? What???? > > > >-----Original Message----- > >From: Paul Timmerman [mailto:[EMAIL PROTECTED]] > >Sent: Wednesday, February 06, 2002 5:56 AM > >To: NT 2000 Discussions > >Subject: Security Auditing -- URGENT > > > > > >I have a Win2K pro workstation. My security event log is setup to >monitor > >everything, including success and failure logons. I then test it by >trying > >to logon with credentials I know are false. However, NOTHING shows up in > >the security log. Is there any reason for this to happen? Is there some > >other way I can test this? > > > >_________________________________________________________________ > >Join the world's largest e-mail service with MSN Hotmail. > >http://www.hotmail.com > > > > > >------ > >You are subscribed as [EMAIL PROTECTED] > >Archives: http://www.swynk.com/sitesearch/search.asp > >To unsubscribe send a blank email to [EMAIL PROTECTED] > > > >------ > >You are subscribed as [EMAIL PROTECTED] > >Archives: http://www.swynk.com/sitesearch/search.asp > >To unsubscribe send a blank email to [EMAIL PROTECTED] > > >_________________________________________________________________ >Join the world's largest e-mail service with MSN Hotmail. >http://www.hotmail.com > > >------ >You are subscribed as [EMAIL PROTECTED] >Archives: http://www.swynk.com/sitesearch/search.asp >To unsubscribe send a blank email to [EMAIL PROTECTED] > > >This e-mail and any files transmitted with it are confidential and are >intended solely for the use of the individual or entity to whom they are >addressed. If you are NOT the intended recipient or the person responsible >for delivering the e-mail to the intended recipient, be advised that you >have received this e-mail in error and that any use, dissemination, >forwarding, printing, or copying of this e-mail is strictly prohibited. > > >------ >You are subscribed as [EMAIL PROTECTED] >Archives: http://www.swynk.com/sitesearch/search.asp >To unsubscribe send a blank email to [EMAIL PROTECTED] _________________________________________________________________ Send and receive Hotmail on your mobile device: http://mobile.msn.com ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
