Security Incidents mailing list archives
RE: strange account in Win2k
From: "Rick Darsey" <rdarsey () aims1 com>
Date: Tue, 28 May 2002 12:34:24 -0500
I have seen this myself. What I have found is that the user will disappear after a short time, and I was not able to modify it. I assumed that it was a "cache" copy of the user account that I was actually modifying, but I may be wrong. If so, I would be glad to learn what it is. Rick Darsey -----Original Message----- From: Mark Fagan [mailto:Mark.Fagan () esat com] Sent: Tuesday, May 28, 2002 10:30 AM To: incidents () securityfocus com Subject: strange account in Win2k While setting additional privileges on a Win2k webserver I noticed that certain privileges (logon as batch job, act as part of o/s, logon locally and network) were applied to a very strange account - *S-1-5-21-527237240-162531612-725345543-1008 which is not seen as a user account. Any ideas folks ? Mark Fagan TDA Esat Business 1 Grand Canal Quay Dublin 2, Ireland. E mark.fagan () esat com www.esatbusiness.com ************************************************************************ This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. http://www.esatbusiness.com Subscribe to the Esat Business Online Magazine: http://www.esatbusiness.com/news/subscribe.asp Subscribe to REALISE - the online magazine from BT Ignite: http://www.btignite.com/realise ************************************************************************ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- strange account in Win2k Mark Fagan (May 28)
- RE: strange account in Win2k AJ Decker (May 28)
- RE: strange account in Win2k Rick Darsey (May 28)
- Re: strange account in Win2k Dan Cuthbert (May 28)
- Re: strange account in Win2k Kevin (May 28)
- <Possible follow-ups>
- RE: strange account in Win2k Admiraal, J.E. (CDIV) (May 28)
- Re: strange account in Win2k Maxime Ducharme (May 28)
- RE: strange account in Win2k Kit (May 28)
- Re: strange account in Win2k Maxime Ducharme (May 28)
- RE: strange account in Win2k dlaumann (May 28)
- RE: strange account in Win2k Mark Fagan (May 29)