Possible Security Breach

Home Forums Server Operating Systems SBS 2000 / 2003 / 2008 / 2011 Possible Security Breach

Viewing 1 post (of 1 total)
  • Author
    Posts
  • Avatar
    Cogent
    Member
    #113457

    Hi,

    I was contacted by a customer of mine to day that is using SBS 2003 and was informed that they had a $1600.00 internet bill (slightly up from the normal $190.00 or so a month).

    As I had recently cleaned up a few viruses of network computers I thought that may be the cause (we had been blacklisted). But when I looked in the security logs I noticed this entry.

    Special privileges assigned to new logon:
    User Name: TC1$
    Domain: TRUSTCHAMBERS
    Logon ID: (0x0,0x13ADAF1)
    Privileges: SeSecurityPrivilege
    SeBackupPrivilege
    SeRestorePrivilege
    SeTakeOwnershipPrivilege
    SeDebugPrivilege
    SeSystemEnvironmentPrivilege
    SeLoadDriverPrivilege
    SeImpersonatePrivilege
    SeEnableDelegationPrivilege

    Some of the entries sound a bit dubious. Could you please let me know if there is a service or some thing that logs on such as this, if not how do I stop this from happening. I have run the Microsoft Baseline security and have all the latest patches applied on this server??.

    Thanks,

    Lg

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.