Thread: Cannot access networked computer
View Single Post
  #7  
Old 01-05-2006, 04:02 AM
Chuck
 
Posts: n/a
Default Re: Cannot access networked computer
On Thu, 10 Nov 2005 10:16:42 -0600, HLAMUTHNOSPAM@EARTHLINK.NET wrote:

>On Wed, 09 Nov 2005 19:14:02 -0800, Chuck <none@example.net> wrote:
>
>>On Wed, 09 Nov 2005 20:25:31 -0600, HLAMUTHNOSPAM@EARTHLINK.NET wrote:
>>
>>>On Wed, 09 Nov 2005 14:50:50 -0800, Chuck <none@example.net> wrote:
>>>
>>>>On Wed, 09 Nov 2005 13:22:44 -0600, HLAMUTHNOSPAM@EARTHLINK.NET wrote:
>>>>
>>>>>This is a variation of what has been posted. I have run into a bit of
>>>>>a wall....maybe this is a pun.
>>>>>
>>>>>Configured a wireless router to host three hard connects and a
>>>>>wireless laptop. No internet connection yet. Then configured router as
>>>>>a hub to use ICS via a server PC. All PCs show up in the windows
>>>>>explorer and all can be pinged...except that one cannot open files on
>>>>>the ICS pc. The ICS works for all but the one that cannot get access,
>>>>>even though the ISC pc can be pinged. The message that comes up is:
>>>>>
>>>>>Access Permissions?
>>>>>Logon failure. The user has not been granted the requested longon type
>>>>>at this computer.
>>>>>
>>>>>Only one Master Browser is running and the reg entry for restrict
>>>>>anonymous is zero. Windows firewall is off and Zone Alarm allows all
>>>>>IP addresses access. ICS works except for the one computer that cannot
>>>>>access the server PC. I have checked all permissions and sharing etc
>>>>>and simply cannot find the expection for this single PC.
>>>>>
>>>>>Any suggestions??
>>>>>
>>>>>Thanks.
>>>>>
>>>>>Henry
>>>>
>>>>Henry,
>>>>
>>>>This is a well known issue. The problem is generally in the server (ICS
>>>>computer, in your case), and is related to the account that you're trying to use
>>>>for access (and to Guest, if you're using SFS).
>>>><http://nitecruzr.blogspot.com/2005/06/file-sharing-under-windows-xp.html#Help>
>>>>http://nitecruzr.blogspot.com/2005/0...s-xp.html#Help
>>
>>>I am sure you are on the right track with my problem, but when I tried
>>>to access the user accounts through control panel/admin tools, the
>>>item for accounts and users under systems was not there. Couldn't get
>>>the command line to work...if fact, I wasn't sure what I was
>>>authenticating or enabling. Could you shed more light on this user
>>>name, access, and authorization in a network?
>>>
>>>Appreciate your help...as always, you are on top of the issues.
>>>
>>>Henry
>>
>>Henry,
>>
>>Thanks for your kind words. Did you look for Administrative Tools - Computer
>>Management? Then in the hierarchical menu (Computer Management window on the
>>left), you should have System Tools - Local Users and Groups - Users.
>>
>>When you tried the command line utility, what exact error did you get?

>Strange, but I don't have the Local Users and Groups - Users under
>system tools. I do have a User Accounts in the control panel. I don't
>have any entry in System Tools - Local Users and Groups - Users on any
>computer...XP Home SP2 on all of them. I went to Add/Remove to see if
>there was anything in XP I should load, but nothing made this entry
>show up. Is there something missing from my OS load?
>
>However, I went back to the command line and did several active:yes on
>the various accounts...to make sure I got the right one and....
>
>YOU DA MAN!!!!!
>
>It works. I must have been lucky in the past not to run into this
>problem.
>
>On another sidebar issue, after my OS re-install, my MacAfee virus
>catcher identified a program called lsass.exe as a virus. Is it really
>or is it part of the OS? It shows up in the I386 file and in the
>Windows subdirectory. I have blocked it and the only thing that has
>happened is that an annoying hijack program for a registry cleaner has
>disappeared. Can or should I delete it?
>
>Thanks, and I appreciate your help on this tricky problem.
>
>Henry

Henry,

Great, sounds like we're making progress.

The lsass.exe exploit has been used by a lot of bad guys - the most notorious
was Sasser, but there have been others. We can guess about it, or you can solve
the problem. Please don't just delete lsass.exe - it is a legitimate Windows
file, and if you delete it, you might not be able to login to the computer.

What You Should Know About the Sasser Worm and Its Variants:
<http://www.microsoft.com/security/incident/sasser.asp>
http://www.microsoft.com/security/incident/sasser.asp

The legit lsass.exe module should be in I386, and in Windows\System32. If
there's one in Windows\System, you may indeed have a bad one. Please don't
delete it (even if you can). Please read my online malware analysis article:
<http://nitecruzr.blogspot.com/2005/10/online-analysis-of-suspicious-files.html>
http://nitecruzr.blogspot.com/2005/1...ous-files.html

Use Jotti and Virustotal, and please report your findings.

--
Cheers,
Chuck, MS-MVP [Windows - Networking]
http://nitecruzr.blogspot.com/
Paranoia is not a problem, when it's a normal response from experience.
My email is AT DOT
actual address pchuck mvps org.
Reply With Quote