| VID |
27083 |
| Severity |
10 |
| Port |
135 |
| Protocol |
TCP |
| Class |
WMI |
| Detailed Description |
You should achieve log management that monitors attack records by analyzing logs periodically and that blocks access to devices in advance by analyzing suspicious attack cases.
* Platforms Affected:
Microsoft Windows Any version |
| Recommendation |
1. Examine logs periodically
(1) Start> Control Panel> Administrative Tools> Event Viewer
(2) Examine Windows Logs> Application, Security and System Log
(3) Examine Directory Service Log, File Copy Service log, DNS Server Log according to OS configuration.
¡Ø You should use event viewer of Windows server for checking event log
2. Report result of log examination daily and monthly. |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
