Browsers, E-mail, & Web Apps forum

General discussion

Event viewer security problem

by ts / November 16, 2004 12:25 PM PST

In Event Viewer (Win2k) when you click Action->Connect to another computer, you can view all the things (especially incoming net sends) just by giving the address of a computer in the network. I think this is a big security threat. Is there anyway of disabling other people accessing our pc through this method?

Discussion is locked
You are posting a reply to: Event viewer security problem
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Event viewer security problem
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
What is a firewall?
by R. Proffitt Forum moderator / November 16, 2004 9:34 PM PST

You may want one?


Collapse -
Re: Event viewer security problem
by ts / November 17, 2004 1:42 PM PST

I think i found a solution to the problem. You can just stop the Remote Registry Service. I've not yet found any problems with that and now no one can connect to my event viewer from a remote PC. Will there be any problems in disabling this service?

Collapse -
(NT) (NT) Yes. Since you closed off only one door.
by R. Proffitt Forum moderator / November 17, 2004 10:21 PM PST
Collapse -
Re: (NT) Yes. Since you closed off only one door.
by ts / November 18, 2004 4:56 PM PST

What do you mean by that?

Collapse -
You closed off only one door.
by R. Proffitt Forum moderator / November 18, 2004 9:27 PM PST

You closed off just one means of remote exploitation. Imagine if the RPC service was still exposed on an unpatched machine?

But before "we go there", let me state I will not be dragged into a dialogue where I share every known exploit on your machine.

What you did was close off just ONE of many holes.

You still have a very leaky boat.


Popular Forums
Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions

Does BMW or Volvo do it best?

Pint-size luxury and funky style

Shopping for a new car this weekend? See how the BMW X2 stacks up against the Volvo XC40 in our side-by-side comparison.