Penetration Testing mailing list archives
XP RDP event log 682 ?
From: "BillyBob" <billybobknob () hotmail com>
Date: Sun, 12 Dec 2004 13:02:07 -0400
I have a few event log 682's (user has reconnected to a disconnected TS session) on an XP machine at work that shows: Session Name: Console Client Name: Unknown Client Address: Unknown All other event log 682's show Session Name: RDP-Tcp# and they also display the Client Name and Address. Does this mean that these Unknown ones connected via Console were connections made by someone who hacked the password and used a stealthed OS ? Thanks, Bill
Current thread:
- XP RDP event log 682 ? BillyBob (Dec 12)
- <Possible follow-ups>
- Re: XP RDP event log 682 ? H Carvey (Dec 14)