Windows XP SP2 Firewall causing Security Log to fill
Hey all,
I just wanted to ask if anyone else has had this happen. XP SP2 was installed a few days ago, and now there is an error showing up on the log on screen that the security log is full and has to be cleared by the administrator. The Event ID is listed as a security event and id is 861. The Windows Firewall has detected an application listening for incoming traffic. Here are the details on it. Name: - Path: C:\WINDOWS\system32\lsass.exe Process identifier: 1276 User account: SYSTEM User domain: NT AUTHORITY Service: Yes RPC server: No IP version: IPv4 IP protocol: UDP Port number: 1106 Allowed: No User notified: No I know that I can just set the firewall to allow this program but what is it and why does it need access out, and if it is important why did it not automaticly receive access out. Thanks guys and gals. |
Windows XP SP2 Firewall causing Security Log to fill
From your description, its not actively trying to send data, its listing =
for incoming data. You may have a backdoor trojan on your system. http://pestpatrol.com/pestinfo/t/tel...server_1_0.asp The above link gives one example. --=20 Doug Knox, MS-MVP Windows Media Center\Windows Powered Smart Display Win 95/98/Me/XP Tweaks and Fixes http://www.dougknox.com -------------------------------- Per user Group Policy Restrictions for XP Home and XP Pro http://www.dougknox.com/xp/utils/xp_securityconsole.htm -------------------------------- Please reply only to the newsgroup so all may benefit. Unsolicited e-mail is not answered. =20 "David Hetherington" wrote = in message ... Hey all, I just wanted to ask if anyone else has had this happen. XP SP2 was installed a few days ago, and now there is an error showing = up on=20 the log on screen that the security log is full and has to be cleared = by the=20 administrator. The Event ID is listed as a security event and id is 861. The Windows Firewall has detected an application listening for = incoming=20 traffic.=20 Here are the details on it. =20 Name: -=20 Path: C:\WINDOWS\system32\lsass.exe=20 Process identifier: 1276=20 User account: SYSTEM=20 User domain: NT AUTHORITY=20 Service: Yes=20 RPC server: No=20 IP version: IPv4=20 IP protocol: UDP=20 Port number: 1106=20 Allowed: No=20 User notified: No =20 =20 I know that I can just set the firewall to allow this program but what = is it=20 and why does it need access out, and if it is important why did it not = automaticly receive access out. Thanks guys and gals. =20 =20 |
Thanks For Nothing You Idiot -- Thats The Dumbest Answer I Have Ever Seen To Such A Simple Question--
Whats Worse Is That Moron Who Asked The Question Initially Didnt Come Back And Say That Your Information Was Furthest From The Solution To This Problem-- And No, I Still Do Not Have A Solutuion -- All Ive Found Is This Quetsion Asked And Unanswered/answered By Some Moron Who Knows Nothing And Looks At The Problem Superfically And Uses No Technical Prowess Of Any Kind People Listen To Me -- If You Dont Know The Answer, Shut Up -- Please Understand That Youre Even Dumber By Giving A Wrong, Dumb Answer, Rather Than Shutting Up And Leaving It Be |
SOLUTION:
set the windows firewall to DISABLED startup type in services thanks for nothing, losers! PS - i got owned by the caps filter |
You could have made your point and not acted like an ass. So now instead of 2 dumbasses we have 3 wasting our time
|
All times are GMT +1. The time now is 05:26 PM. |
Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright © 2004 - 2006 PCbanter
Comments are property of their posters