what about:
*mstsc /v:servername /console
j
*
Troy Murray wrote:
> I was wrong, Remote Desktop on XP uses Type 10, while in 2000 it
> would use Type 2. The only other mention I found producing this error
> was logging in through a KVM IP switch. I don't suppose that
> workstation has had one of those installed.
>
> http://www.windowsecurity.com/articles/Logon-Types.html
>
> -t
>
> On 12/20/05, * David K McFarlane* <[log in to unmask]
> <mailto:[log in to unmask]>> wrote:
>
> Steve,
>
> > Sounds like you might possibly have a rootkit of some sort on
> the workstation. In that case the following sites have great
> resources for detecting many of the more well known rootkits:
> >
> > http://www.systernals.com (RootkitRevealer, ProcExp, TCPView)
>
> Thanks. I tried RootkitRevealer, it found nothing. I have not
> tried the
> other tools yet.
>
> But back to the question: Could a rootkit allow an attacker to
> log in over
> the network and yet have it show up as a console logon in the
> security log?
> This is really a question about the Windows security log and what
> it means.
>
> -- David McFarlane
> Systems Designer
> Michigan State University, Dept. of Psychology
> [log in to unmask] <mailto:[log in to unmask]>
>
>
>
>
> --
> Troy D Murray
> Blog: http://troymurray.blogspot.com/
|
