[dba-Tech] Firewall alert - lsass.exe

John Bartow john at winhaven.net
Sat Dec 13 09:50:35 CST 2003


Thanks Ralph, I wasn't going it remove it as I know it is part of W2k.

But I wanted to know is what specific functions it performed that someone
could be attempting to use it to break into my computer.

So by "local" security authentication server does it mean that it is used
only for my internal network or does it have some bearing on internet
communications also? Just thinking that my firewall should be completely
masking any internal functions and if it isn't used by internet
communications I have a hole. I have a dialup connection to the internet.

JB

> -----Original Message-----
> From: dba-tech-bounces at databaseadvisors.com
> [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Ralph Bryce
> Sent: Saturday, December 13, 2003 1:40 AM
> To: Discussion of Hardware and Software issues
> Subject: Re: [dba-Tech] Firewall alert - lsass.exe
>
>
> John
>
> At 22:54 12/12/2003, you wrote:
>
> >Process name is "C:\WINNT\system32\lsass.exe"
> >
> >Does lsass.exe have something to do with login security?
>
> LSASS is Win2K's Local Security Authentication Server. Don't remove it...
>
> There are many sites that will provide details of the processes listed by
> Task Manager
> and whether you can remove them safely .
>
> Here's one —
>
> http://www.answersthatwork.com/Tasklist_pages/tasklist_l.htm
>
> HTH
>
> Ralph Bryce
>
>
> _______________________________________________
> dba-Tech mailing list
> dba-Tech at databaseadvisors.com
> http://databaseadvisors.com/mailman/listinfo/dba-tech
> Website: http://www.databaseadvisors.com
>
>




More information about the dba-Tech mailing list