Stopping Anonymouse Logon
Windows Server Forum Index Windows Server
Server discussion on Windows platform.
 
 FAQFAQ   MemberlistMemberlist     RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 
 
Google
 
Web winserverhelp.com
Stopping Anonymouse Logon

 
Post new topic   Reply to topic    Windows Server Forum Index -> Security
Author Message
Jeff
Guest
Posted: Tue Jan 18, 2005 2:55 am    Post subject: Stopping Anonymouse Logon Reply with quote
I have a W2K server and its security log show that there are some "anonymous
logon". How do I stop the anonymous logons? Is their any reason I should
allow them?
Back to top
Chris Weber [Security MVP
Guest
Posted: Wed Jan 19, 2005 6:47 am    Post subject: Re: Stopping Anonymouse Logon Reply with quote
The anonymous logon is a security identity used by the operating system. To
protect against people abusing it, you can enable the RestrictAnonymous
registry key - check out
http://support.microsoft.com/default.aspx?scid=kb;en-us;246261

Remember that setting this value to 2 on a domain controller will break most
domain logon functionality, so don't do that. Setting it to 2 on other
systems may break applications that were coded to use anonymous logon,
hopefully you don't have any of those.

/Chris


"Jeff" <jeff_and_dawn@hotmail.com> wrote in message
news:u9K9obN$EHA.1260@TK2MSFTNGP12.phx.gbl...
Quote:
I have a W2K server and its security log show that there are some
"anonymous logon". How do I stop the anonymous logons? Is their any
reason I should allow them?

Back to top
Steven L Umbach
Guest
Posted: Sun Jan 23, 2005 2:43 am    Post subject: Re: Stopping Anonymouse Logon Reply with quote
Anonymous connections are common in Windows networking particularly for
maintenance of the browse list and when downlevel clients are used on the
network. I would not worry too much if you have a properly configured
firewall to protect the network from outside users trying to use anonymous
access/null sessions to enumerate user/group information. I would be much
more concerned with numerous failed logon events in the logs, particularly
for the administrator account. You can use security policy to lockdown
anonymous connections but take care in doing so, particularly on domain
controllers. The link below explains more about how to do such and the
ramifications of locking down anonymous access. --- Steve

http://support.microsoft.com/?kbid=246261

"Jeff" <jeff_and_dawn@hotmail.com> wrote in message
news:u9K9obN$EHA.1260@TK2MSFTNGP12.phx.gbl...
Quote:
I have a W2K server and its security log show that there are some
"anonymous logon". How do I stop the anonymous logons? Is their any
reason I should allow them?

Back to top
 
Post new topic   Reply to topic    Windows Server Forum Index -> Security All times are GMT
Page 1 of 1

 
 You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum




New Topics Powered by phpBB