Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
The length of the message sent by another WINS indicates a very big message. There may have been corruption of the data. WINS will ignore this message, terminate the connection with the remote WINS, and continue.
|English: Request a translation of the event description in plain English.|
|Concepts to understand:|
What is the role of the WINS service?
I got this event logged every 5 min on my two WINS servers. After doing a network sniff, it came from a workstation on our domain that was running "Big Brother" from Quest Software. This software scans the host for a running service and in this case the owner of the workstation had configured it to scan our WINS server every 5min. The Network Sniff showed a packet with the description of "WINS: Send Entries Reply (Continued)". Look for this.
I have got this message when using some Security Scanner against my server. So, if you get this one, there may be DoS (Denial of Service) attack against your server.
|Private comment: Subscribers only. See example of private comment|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated