1. Home
  2. Forums Index
  3. WebmasterWorld / Website Analytics - Tracking and Logging 9:15 am May 14, 2026

Forum Moderators: DixonJones

Message Too Old, No Replies

NT Security Log

Tracing who this is

         

Tracetech

9:37 pm on Jul 10, 2003 (gmt 0)



IS there any software or way of tracing the info from the NT security log to see who keeps trying to get into a server
I get the failed audit with info on machine name, but no IP address records here. I would like to be able to tell who it is that continuously tries to get it.

Logon Failure:
Reason:Unknown user name or bad password
User Name:Administrator
Domain:WEBSERVER
Logon Type:3
Logon Process:KSecDD
Authentication Package:MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Workstation Name:\\WEBSERVER

Any info would be appreciated

bcolflesh

9:58 pm on Jul 10, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Welcome to WW - I believe the security.log file is for everything from HKEY_LOCAL_MACHINE\Security - so that is probably a manual attempt - someone trying to login as Admin at the comp itself - put a webcam in that room.

Regards,
Brent

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. WebmasterWorld / Website Analytics - Tracking and Logging 9:15 am May 14, 2026