[collector:] client solari-prod.ceda.unina2.it.powershell powershell XymonPS [date] sab 01 nov 06:17:29 2025 [clock] epoch: 1761974249 local: sab 01 nov 06:17:29 2025 UTC: sab 01 nov 05:17:29 2025 Time Synchronisation type: NTP NTP server: time.inrim.it Indicatore di secondo intercalare: 0(nessun avviso) Strato: 3 (riferimento secondario - sincronizza tramite (S)NTP) Precisione: -6 (15.625ms per tick) Ritardo radice: 0.0142389s Dispersione radice: 0.0449631s ID riferimento: 0xC1CC7269 (IP origine: 193.204.114.105) Data e ora dell'ultima sincronizzazione riuscita: 01/11/2025 06:10:22 Origine: time.inrim.it Intervallo di polling: 10 (1024s) [clientversion] 2.42 [uname] Microsoft Windows Server 2016 Standard (build 14393) [cpu] up: 3 days, 0 users, 82 procs, load=1.24% CPU states: total 1.24% cores: 16 CPU PID Image Name Pri Time MemUsage 0,5% 620 SVC:Dhcp/EventLog/lmhosts/Time 8 07:40:20 28400k 0,4% 46504 powershell 8 00:16:09 154748k 0,1% 3048 erl 8 00:35:13 265676k 0,1% 460 SVC:TermService 8 00:43:40 52360k 0,0% 1456 SVC:Appinfo/CertPropSvc/gpsvc/ 8 00:27:34 72492k 0,0% 816 SVC:KeyIso/Netlogon/SamSs/Vaul 9 00:32:42 58280k 0,0% 7128 WmiPrvSE 8 00:13:08 47988k 0,0% 2296 SVC:OVirtGuestService 8 00:13:54 26000k 0,0% 4 System 8 00:17:16 144k 0,0% 3024 SVC:WinDefend 8 00:48:44 229340k 0,0% 9172 SVC:SmartTalk-TerminalStatusSe 8 00:01:52 150624k 0,0% 2268 SVC:DBServiceSvc 8 00:03:16 123352k 0,0% 5416 WmiPrvSE 8 00:09:19 26472k 0,0% 5184 conhost 8 00:00:00 5152k 0,0% 7264 win32sysinfo 8 00:00:01 1896k 0,0% 5252 vdagent 13 00:00:00 6336k 0,0% 3656 SVC:SmartTalk-OnlineVerificati 8 00:00:06 107408k 0,0% 3868 SVC:VeeamEndpointBackupSvc 8 00:00:07 88808k 0,0% 3060 conhost 8 00:00:01 5620k 0,0% 3416 SVC:SmartTalk-AccessControlSer 8 00:00:05 106264k 0,0% 3904 SVC:WdNisSvc 8 00:01:20 15440k 0,0% 4320 SVC:MSSQL$SQLEXPRESS 8 00:14:55 394728k 0,0% 5168 Veeam.Guest.Interaction.Proxy 8 00:00:00 9632k 0,0% 2908 SVC:W3SVC/WAS 8 00:00:02 13432k 0,0% 4048 epmd 8 00:00:06 4952k 0,0% 7456 inet_gethost 8 00:00:00 4032k 0,0% 37164 WmiPrvSE 8 00:00:00 8680k 0,0% 41380 SVC:TWServerWebSvc 8 00:00:00 36936k 0,0% 31764 w3wp 8 00:24:16 314492k 0,0% 36636 MpDefenderCoreService 8 00:00:00 15660k 0,0% 43320 SVC:COMSysApp 8 00:00:00 13064k 0,0% 43564 SVC:XymonPSClient 8 00:00:00 6136k 0,0% 49208 w3wp 8 00:00:00 54936k 0,0% 43432 SVC:wmiApSrv 8 00:00:00 7992k 0,0% 43484 conhost 8 00:00:01 5740k 0,0% 8496 SVC:SmartTalk-ManageInstanceSe 8 00:00:06 114904k 0,0% 9048 SVC:SmartTalk-DispatcherServic 8 00:00:08 117360k 0,0% 7732 WmiPrvSE 8 00:02:50 14508k 0,0% 8348 SVC:SmartTalk-SchedulerService 8 00:00:06 113608k 0,0% 9144 SVC:SmartTalk-TransactionServi 8 00:00:12 127360k 0,0% 10952 SVC:SSDPSRV 8 00:00:00 7232k 0,0% 22408 MpDefenderCoreService 8 00:00:00 14720k 0,0% 9188 SVC:SmartTalk-ScaricoTimbratur 8 00:00:04 78656k 0,0% 10916 SVC:MSDTC 8 00:00:00 9808k 0,0% 2788 SVC:VeeamDeploySvc 8 00:00:01 14920k 0,0% 1052 SVC:CryptSvc/Dnscache/LanmanWo 8 00:00:33 30544k 0,0% 1080 LogonUI 13 00:00:01 50024k 0,0% 912 SVC:BrokerInfrastructure/DcomL 8 00:00:15 21456k 0,0% 964 SVC:RpcEptMapper/RpcSs 8 00:00:54 13972k 0,0% 1088 SVC:WSearch 8 00:00:21 21960k 0,0% 1308 SVC:SmartTalk-AlliniamentoDB 8 00:00:02 63468k 0,0% 1340 SVC:vdservice 10 00:00:00 5464k 0,0% 1104 dwm 13 00:00:00 31140k 0,0% 1280 SVC:BFE/CoreMessagingRegistrar 8 00:00:04 23052k 0,0% 584 SVC:CDPSvc/EventSystem/FontCac 8 00:00:05 25300k 0,0% 592 csrss 13 00:00:52 5164k 0,0% 0 Idle 0 4k 0,0% 476 smss 11 00:00:00 1244k 0,0% 616 SVC:DsSvc/NcbService/PcaSvc/Tr 8 00:00:03 23136k 0,0% 728 winlogon 13 00:00:00 8644k 0,0% 800 services 9 00:02:53 15792k 0,0% 668 csrss 13 00:00:00 3880k 0,0% 692 wininit 13 00:00:27 5360k 0,0% 1388 SVC:Spooler 8 00:00:01 16916k 0,0% 2548 SVC:StateRepository/tiledatamo 8 00:00:02 16636k 0,0% 2556 SVC:SQLBrowser 8 00:00:00 4724k 0,0% 2500 SVC:RabbitMQ 8 00:00:00 3168k 0,0% 2508 SVC:SmartTalk-NotificationServ 8 00:00:06 103972k 0,0% 2632 SVC:TermTalkServerService 8 00:02:04 73284k 0,0% 2752 SVC:StartScheduler 8 00:00:04 97480k 0,0% 2772 SVC:VeeamTransportSvc 8 00:00:00 10328k 0,0% 2640 SVC:SQLWriter 8 00:00:01 16704k 0,0% 2676 SVC:TWServerSvc 8 00:43:04 133196k 0,0% 2104 SVC:AppHostSvc 8 00:00:00 14368k 0,0% 2180 SVC:DiagTrack 8 00:00:04 26864k 0,0% 1592 SVC:Wcmsvc 8 00:00:00 7612k 0,0% 2100 SVC:PolicyAgent 8 00:00:00 7028k 0,0% 2216 SVC:IISADMIN 8 00:00:46 36828k 0,0% 2408 SVC:LanmanServer 8 00:00:01 8328k 0,0% 2420 SVC:shibd_Default 8 00:03:14 28216k 0,0% 2240 SVC:MDCoreSvc 8 00:00:06 20084k 0,0% 2400 SVC:QEMU-GA 8 00:00:01 8304k [disk] Filesystem 1K-blocks Used Avail Capacity Mounted Label Summary(Total\Avail GB) C 104343548 76592848 27750700 73% /FIXED/C:\ 99,51\26,47 [memory] memory Total Used physical: 16383 4266 virtual: 18815 4580 page: 2432 168 [msgs:EventlogSummary] LogMode MaximumSizeInBytes RecordCount LogName ------- ------------------ ----------- ------- Circular 163840000 273743 Security Circular 133103616 382027 System Circular 133103616 273686 Application [msgs:eventlog_Security] Information - 11/01/2025 06:16:43 - [4625] - Microsoft-Windows-Security-Auditing - Accesso di un account non riuscito. Soggetto: ID sicurezza: S-1-0-0 Nome account: - Dominio account: - ID accesso: 0x0 Tipo di accesso: 3 Account il cui accesso non ? riuscito: ID sicurezza: S-1-0-0 Nome account: USER Dominio account: Informazioni sull'errore: Motivo dell'errore: Nome utente sconosciuto o password errata. Stato: 0xC000006D Stato secondario: 0xC0000064 Informazioni sul processo: ID processo chiamante: 0x0 Nome processo chiamante: - Informazioni di rete: Nome workstation: - Indirizzo di rete di origine: 206.72.200.6 Porta di origine: 0 Informazioni di autenticazione dettagliate: Processo di accesso: NtLmSsp Pacchetto di autenticazione: NTLM Servizi transitati: - Nome pacchetto (solo NTLM): - Lunghezza chiave: 0 Questo evento viene generato quando una richiesta di accesso non ha esito positivo. Viene generato nel computer in cui ? stato tentato l'accesso. Il campo Soggetto indica l'account nel sistema locale che ha richiesto l'accesso. Generalmente si tratta di un servizio, quale il servizio Server, o di un processo locale, ad esempio Winlogon.exe o Services.exe. Il campo Tipo di accesso indica il tipo di accesso richiesto. I tipi pi? comuni sono 2 (interattivo) e 3 (rete). Il campo Informazioni sul processo indica l'account e il processo nel sistema che hanno richiesto l'accesso. Il campo Informazioni di rete indica l'origine della richiesta di accesso remota. Il nome della workstation non ? sempre disponibile e pu? essere vuoto in alcuni casi. Il campo Informazioni di autenticazione fornisce informazioni dettagliate sulla specifica richiesta di accesso. - Servizi transitati indica quali servizi intermedi hanno partecipato alla richiesta di accesso. - Nome pacchetto indica quale sottoprotocollo dei protocolli NTLM ? stato utilizzato. - Lunghezza chiave indica la lunghezza della chiave di sessione generata. Se non ? stata richiesta alcuna chiave di sessione, la lunghezza sar? pari a zero. [msgs:eventlog_System] [msgs:eventlog_Application] [procs] PID User WorkingSet/Peak VirtualMem/Peak PagedMem/Peak NPS Handles %CPU Start Time Elapsed Name Command 620 NT AUTHORITY\SERVIZIO LOCALE 28400/41732 2147576044/2148006072 20120/22024 20 506 0,5 2025-10-28 16:54:16 5122 SVC:Dhcp/EventLog/lmhosts/TimeBrokerSvc C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted 46504 NT AUTHORITY\SYSTEM 154748/203868 2148214052/2148257700 112568/162928 38 502 0,4 2025-11-01 02:00:04 257 powershell "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy RemoteSigned -NoLogo -NonInteractive -NoProfile -WindowStyle Hidden -File "C:\Program Files\xymon\xymonclient.ps1" 3048 NT AUTHORITY\SYSTEM 265676/295672 554260/594564 302160/355592 70 391 0,1 2025-10-28 16:54:19 5122 erl "C:\Program Files\Erlang OTP\erts-13.0.3\bin\erl.exe" -service_event ErlSrv_RabbitMQ -nohup -sname rabbit@solari-prod -s "rabbit" boot -boot "start_sasl" +W w +MBas ageffcbf +MHas ageffcbf +MBlmbcs 512 +MHlmbcs 512 +MMmcs 30 +P 1048576 +t 5000000 +stbt db +zdbbl 128000 +sbwt none +sbwtdcpu none +sbwtdio none -kernel inet_dist_listen_min 25672 -kernel inet_dist_listen_max 25672 -syslog logger [] -syslog syslog_error_logger false -kernel prevent_overlapping_partitions false 460 NT AUTHORITY\SERVIZIO DI RETE 52360/113284 2147860896/2148041120 52092/110880 86 3357 0,1 2025-10-28 16:54:16 5122 SVC:TermService C:\Windows\System32\svchost.exe -k termsvcs 1456 NT AUTHORITY\SYSTEM 72492/461004 2148771768/2149354120 44380/308068 56 1624 0,0 2025-10-28 16:54:17 5122 SVC:Appinfo/CertPropSvc/gpsvc/IKEEXT/iphlpsvc/lfsvc/ProfSvc/Schedule/SENS/SessionEnv/ShellHWDetection/Themes/UserManager/Winmgmt/WpnService C:\Windows\System32\svchost.exe -k netsvcs 816 NT AUTHORITY\SYSTEM 58280/60096 2147599560/2147648216 46832/50952 38 24213 0,0 2025-10-28 16:54:13 5123 SVC:KeyIso/Netlogon/SamSs/VaultSvc C:\Windows\system32\lsass.exe 7128 NT AUTHORITY\SYSTEM 47988/49024 161912/171988 39328/44228 30 1421 0,0 2025-10-28 16:54:29 5122 WmiPrvSE C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding 2296 NT AUTHORITY\SYSTEM 26000/26556 99448/103800 15144/15672 21 315 0,0 2025-10-28 16:54:19 5122 SVC:OVirtGuestService "C:\Program Files (x86)\Redhat\RHEV\Drivers\Agent\OVirtGuestService.exe" 4 Unknown 144/896 3464/11080 128/140 0 1084 0,0 2025-10-28 16:54:06 5123 System 3024 Unknown 229340/1125480 2148336764/2149195628 343172/1211032 238 654 0,0 2025-10-28 16:54:19 5122 SVC:WinDefend 9172 NT AUTHORITY\SYSTEM 150624/157400 2418629316/2418637252 62992/70316 125 746 0,0 2025-10-28 16:55:42 5121 SVC:SmartTalk-TerminalStatusService C:\SmartTalk\Servizi\TerminalStatusService\TerminalStatusService.exe 2268 NT AUTHORITY\SYSTEM 123352/123968 443708/461628 99356/99956 60 53888 0,0 2025-10-28 16:54:19 5122 SVC:DBServiceSvc "C:\Program Files (x86)\Solari di Udine\DBService\DBService.exe" 5416 NT AUTHORITY\SERVIZIO DI RETE 26472/41048 2147559640/2147609152 16884/26528 15 368 0,0 2025-10-28 16:54:24 5122 WmiPrvSE C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding 5184 NT AUTHORITY\SYSTEM 5152/5440 2147542976/2147544000 1160/1372 7 91 0,0 2025-10-28 16:54:23 5122 conhost \??\C:\Windows\system32\conhost.exe 0x4 7264 NT AUTHORITY\SYSTEM 1896/2052 12500/15572 332/408 3 26 0,0 2025-10-28 16:54:34 5122 win32sysinfo "c:\Program Files\Erlang OTP\lib\os_mon-2.7.1\priv\bin\win32sysinfo.exe" 5252 NT AUTHORITY\SYSTEM 6336/6676 94764/102956 1484/1632 8 120 0,0 2025-10-28 16:54:23 5122 vdagent C:\Program Files (x86)\Redhat\RHEV\Drivers\Spice\vdagent.exe 3656 NT AUTHORITY\SYSTEM 107408/111248 2418586032/2418622624 32764/37272 106 623 0,0 2025-10-28 16:55:42 5121 SVC:SmartTalk-OnlineVerificationService C:\SmartTalk\Servizi\OnlineVerificationService\OnlineVerificationService.exe 3868 NT AUTHORITY\SYSTEM 88808/90324 751068/807212 51228/52032 66 831 0,0 2025-10-28 16:54:20 5122 SVC:VeeamEndpointBackupSvc "C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe" 3060 NT AUTHORITY\SYSTEM 5620/5968 2147543904/2147544928 1340/1548 8 101 0,0 2025-10-28 16:54:19 5122 conhost \??\C:\Windows\system32\conhost.exe 0x4 3416 NT AUTHORITY\SYSTEM 106264/111280 2418588080/2418625952 32700/36972 105 578 0,0 2025-10-28 16:55:42 5121 SVC:SmartTalk-AccessControlService C:\SmartTalk\Servizi\AccessControlService\AccessControlService.exe 3904 NT AUTHORITY\SERVIZIO LOCALE 15440/16156 2147566480/2147568688 9552/9956 10 184 0,0 2025-10-28 16:54:52 5122 SVC:WdNisSvc "C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\NisSrv.exe" 4320 NT SERVICE\MSSQL$SQLEXPRESS 394728/396352 45180736/45193540 595312/607012 63 837 0,0 2025-10-28 16:54:22 5122 SVC:MSSQL$SQLEXPRESS "C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS 5168 NT AUTHORITY\SYSTEM 9632/10100 69704/77384 1916/2344 16 211 0,0 2025-10-28 16:54:23 5122 Veeam.Guest.Interaction.Proxy "C:\Program Files (x86)\Veeam\Backup Transport\GuestInteraction\Veeam.Guest.Interaction.Proxy.exe" 2908 NT AUTHORITY\SYSTEM 13432/13672 2147556324/2147558884 6772/6832 16 222 0,0 2025-10-28 16:54:19 5122 SVC:W3SVC/WAS C:\Windows\system32\svchost.exe -k iissvcs 4048 NT AUTHORITY\SYSTEM 4952/4968 18072/19096 3028/3068 6 46 0,0 2025-10-28 16:54:20 5122 epmd "C:\Program Files\Erlang OTP\erts-13.0.3\bin\epmd" -daemon 7456 NT AUTHORITY\SYSTEM 4032/4308 24120/27192 972/1004 6 85 0,0 2025-10-28 16:54:35 5122 inet_gethost "c:\Program Files\Erlang OTP\erts-13.0.3\bin\inet_gethost.exe" 4 37164 NT AUTHORITY\SYSTEM 8680/8732 2147523600/2147525996 2088/4496 9 149 0,0 2025-11-01 06:15:59 1 WmiPrvSE C:\Windows\system32\wbem\wmiprvse.exe -Embedding 41380 NT AUTHORITY\SYSTEM 36936/56180 177964/184620 19680/20100 33 379 0,0 2025-11-01 04:30:17 106 SVC:TWServerWebSvc "C:\inetpub\wwwroot\StartWeb\TWSERVER.exe" /name TwServerWebSvc 31764 NT AUTHORITY\SERVIZIO DI RETE 314492/733084 1697684/1715092 287724/744120 172 3785 0,0 2025-10-31 02:54:28 1642 w3wp C:\Windows\SysWOW64\inetsrv\w3wp.exe -ap "AppSolari" -v "v4.0" -l "webengine4.dll" -a \\.\pipe\iisipmeb95952d-1b0a-439b-8df3-d77d4cff49f5 -h "C:\inetpub\temp\apppools\AppSolari\AppSolari.config" -w "" -m 0 -t 20 -ta 0 36636 NT AUTHORITY\SYSTEM 15660/16004 2147550792/2147552344 4432/4676 14 293 0,0 2025-10-31 18:04:10 733 MpDefenderCoreService "C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\MpDefenderCoreService.exe" "network_client" 43320 NT AUTHORITY\SYSTEM 13064/13720 2147541136/2147551376 3972/4476 13 221 0,0 2025-10-31 20:01:39 615 SVC:COMSysApp C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} 43564 NT AUTHORITY\SYSTEM 6136/6568 60460/64556 1740/2056 7 107 0,0 2025-11-01 02:00:04 257 SVC:XymonPSClient "C:\Program Files\xymon\nssm.exe" 49208 IIS APPPOOL\DefaultAppPool 54936/54952 2168927412/2168927668 114356/114396 62 692 0,0 2025-11-01 05:33:49 43 w3wp c:\windows\system32\inetsrv\w3wp.exe -ap "DefaultAppPool" -v "v4.0" -l "webengine4.dll" -a \\.\pipe\iisipm455b1a4c-26d8-44d0-bb7c-246cec1cee7c -h "C:\inetpub\temp\apppools\DefaultAppPool\DefaultAppPool.config" -w "" -m 0 -t 20 -ta 0 43432 NT AUTHORITY\SYSTEM 7992/7992 2147522432/2147522444 1604/1604 9 146 0,0 2025-11-01 06:15:59 1 SVC:wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 43484 NT AUTHORITY\SYSTEM 5740/6052 2147543904/2147544672 1364/1492 8 101 0,0 2025-11-01 02:00:04 257 conhost \??\C:\Windows\system32\conhost.exe 0x4 8496 NT AUTHORITY\SYSTEM 114904/117672 2418590472/2418628408 37924/41404 109 555 0,0 2025-10-28 16:55:40 5121 SVC:SmartTalk-ManageInstanceService C:\SmartTalk\Servizi\ManageInstanceService\ManageInstanceService.exe 9048 NT AUTHORITY\SYSTEM 117360/119480 2418591080/2418625624 37872/41944 112 536 0,0 2025-10-28 16:55:40 5121 SVC:SmartTalk-DispatcherService C:\SmartTalk\Servizi\DispatcherService\DispatcherService.exe 7732 NT AUTHORITY\SERVIZIO LOCALE 14508/14888 77324/90024 9404/9492 11 271 0,0 2025-10-28 16:54:59 5122 WmiPrvSE C:\Windows\sysWOW64\wbem\wmiprvse.exe -secured -Embedding 8348 NT AUTHORITY\SYSTEM 113608/116232 2418632712/2418655340 38856/41604 110 822 0,0 2025-10-28 16:55:40 5121 SVC:SmartTalk-SchedulerService C:\SmartTalk\Servizi\SchedulerService\SchedulerService.exe 9144 NT AUTHORITY\SYSTEM 127360/132068 2418593768/2418625880 46440/50620 114 736 0,0 2025-10-28 16:55:42 5121 SVC:SmartTalk-TransactionService C:\SmartTalk\Servizi\TransactionService\TransactionService.exe 10952 NT AUTHORITY\SERVIZIO LOCALE 7232/7532 2147524924/2147531580 1924/2144 16 192 0,0 2025-10-28 16:56:37 5120 SVC:SSDPSRV C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation 22408 NT AUTHORITY\SYSTEM 14720/15100 2147547380/2147551484 3592/4176 13 289 0,0 2025-10-29 18:25:53 3591 MpDefenderCoreService "C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\MpDefenderCoreService.exe" "network_client" 9188 NT AUTHORITY\SYSTEM 78656/83160 2418561224/2418563912 26704/31704 74 657 0,0 2025-10-28 16:55:40 5121 SVC:SmartTalk-ScaricoTimbrature C:\SmartTalk\Servizi\TransactionFileSaverService_WINDOWS\service\TransactionFileSaverService.exe 10916 NT AUTHORITY\SERVIZIO DI RETE 9808/11132 2147533216/2147535776 2808/3720 13 186 0,0 2025-10-28 16:56:38 5120 SVC:MSDTC C:\Windows\System32\msdtc.exe 2788 NT AUTHORITY\SYSTEM 14920/15156 90060/97740 3584/4040 21 271 0,0 2025-10-28 16:54:19 5122 SVC:VeeamDeploySvc "C:\Windows\Veeam\Backup\VeeamDeploymentSvc.exe" -port 6160 1052 NT AUTHORITY\SERVIZIO DI RETE 30544/65632 2147774356/2147801984 16456/48720 46 694 0,0 2025-10-28 16:54:16 5122 SVC:CryptSvc/Dnscache/LanmanWorkstation/NlaSvc/WinRM C:\Windows\system32\svchost.exe -k NetworkService 1080 NT AUTHORITY\SYSTEM 50024/66332 2147753420/2147777088 12904/22592 30 594 0,0 2025-10-28 16:54:16 5122 LogonUI "LogonUI.exe" /flags:0x2 /state0:0xa3b73055 /state1:0x41c64e6d 912 NT AUTHORITY\SYSTEM 21456/21948 2147561448/2147573736 8400/9100 22 647 0,0 2025-10-28 16:54:15 5122 SVC:BrokerInfrastructure/DcomLaunch/LSM/PlugPlay/Power/SystemEventsBroker C:\Windows\system32\svchost.exe -k DcomLaunch 964 NT AUTHORITY\SERVIZIO DI RETE 13972/14160 2147528916/2147537680 7712/7928 16 601 0,0 2025-10-28 16:54:15 5122 SVC:RpcEptMapper/RpcSs C:\Windows\system32\svchost.exe -k RPCSS 1088 NT AUTHORITY\SYSTEM 21960/26476 2147760256/2147772176 25600/26272 52 741 0,0 2025-10-28 16:55:28 5121 SVC:WSearch C:\Windows\system32\SearchIndexer.exe /Embedding 1308 NT AUTHORITY\SYSTEM 63468/63704 2418540616/2418567468 22040/23076 61 537 0,0 2025-10-28 16:55:40 5121 SVC:SmartTalk-AlliniamentoDB C:\Users\gaetano.mastellone\Downloads\AlignmentService_WINDOWS\service\AlignmentService.exe 1340 NT AUTHORITY\SYSTEM 5464/5912 60544/68736 1236/1452 6 112 0,0 2025-10-28 16:54:17 5122 SVC:vdservice "C:\Program Files (x86)\Redhat\RHEV\Drivers\Spice\vdservice.exe" 1104 Window Manager\DWM-1 31140/35576 2147646108/2147660624 15320/18688 21 315 0,0 2025-10-28 16:54:16 5122 dwm "dwm.exe" 1280 NT AUTHORITY\SERVIZIO LOCALE 23052/27148 2147585852/2147591468 16652/19076 34 444 0,0 2025-10-28 16:54:17 5122 SVC:BFE/CoreMessagingRegistrar/DPS/MpsSvc C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork 584 NT AUTHORITY\SERVIZIO LOCALE 25300/25580 2147619824/2147622764 12512/12636 35 901 0,0 2025-10-28 16:54:16 5122 SVC:CDPSvc/EventSystem/FontCache/netprofm/nsi/W32Time/WinHttpAutoProxySvc C:\Windows\system32\svchost.exe -k LocalService 592 Unknown 5164/8660 2147543136/2147544864 2656/2816 19 589 0,0 2025-10-28 16:54:11 5123 csrss 0 4/4 64/64 0/0 0 0 0,0 0 Idle 476 Unknown 1244/1276 2147490456/2147511984 392/452 2 51 0,0 2025-10-28 16:54:06 5123 smss 616 NT AUTHORITY\SYSTEM 23136/27396 2147869584/2147882032 16436/19776 29 528 0,0 2025-10-28 16:54:16 5122 SVC:DsSvc/NcbService/PcaSvc/TrkWks/UALSVC/UmRdpService/wudfsvc C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted 728 NT AUTHORITY\SYSTEM 8644/13136 2147546216/2147558508 2220/5476 9 165 0,0 2025-10-28 16:54:12 5123 winlogon winlogon.exe 800 Unknown 15792/17780 2147537052/2147807480 13748/20364 11 425 0,0 2025-10-28 16:54:13 5123 services 668 Unknown 3880/7380 2147527228/2147531336 1752/1964 8 124 0,0 2025-10-28 16:54:12 5123 csrss 692 Unknown 5360/5632 2147531196/2147533244 1544/1584 9 108 0,0 2025-10-28 16:54:12 5123 wininit 1388 NT AUTHORITY\SYSTEM 16916/17432 2147586232/2147588204 6544/6788 23 437 0,0 2025-10-28 16:54:18 5122 SVC:Spooler C:\Windows\System32\spoolsv.exe 2548 NT AUTHORITY\SYSTEM 16636/20532 2147554228/2147702784 7776/9628 11 194 0,0 2025-10-28 16:54:19 5122 SVC:StateRepository/tiledatamodelsvc C:\Windows\system32\svchost.exe -k appmodel 2556 NT AUTHORITY\SERVIZIO LOCALE 4724/5228 28456/33576 1348/1604 10 124 0,0 2025-10-28 16:54:19 5122 SVC:SQLBrowser "C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe" 2500 NT AUTHORITY\SYSTEM 3168/3428 17352/20424 656/700 4 58 0,0 2025-10-28 16:54:19 5122 SVC:RabbitMQ "C:\Program Files\Erlang OTP\erts-13.0.3\bin\erlsrv.exe" 2508 NT AUTHORITY\SYSTEM 103972/109476 2418575256/2418614280 31972/36324 99 827 0,0 2025-10-28 16:54:19 5122 SVC:SmartTalk-NotificationService C:\SmartTalk\Servizi\NotificationService\NotificationService.exe 2632 NT AUTHORITY\SYSTEM 73284/74932 364708/383908 52664/62608 56 1037 0,0 2025-10-28 16:54:19 5122 SVC:TermTalkServerService "C:\Program Files (x86)\Solari di Udine\TTServer\TTSERVER.exe" 2752 NT AUTHORITY\SYSTEM 97480/102616 248112/255532 78604/84784 27 319 0,0 2025-10-28 16:54:19 5122 SVC:StartScheduler "C:\Program Files (x86)\Solari di Udine\StartScheduler\ScService\ScService.exe" 2772 NT AUTHORITY\SYSTEM 10328/10408 74484/80280 2328/2512 16 222 0,0 2025-10-28 16:54:19 5122 SVC:VeeamTransportSvc "C:\Program Files (x86)\Veeam\Backup Transport\VeeamTransportSvc.exe" 2640 NT AUTHORITY\SYSTEM 16704/17460 111296/135752 6860/8352 21 272 0,0 2025-10-28 16:54:19 5122 SVC:SQLWriter "C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" 2676 NT AUTHORITY\SYSTEM 133196/278840 367400/536104 107112/274032 48 970 0,0 2025-10-28 16:54:19 5122 SVC:TWServerSvc "C:\Program Files (x86)\Solari di Udine\TWServer\TWSERVER.exe" 2104 NT AUTHORITY\SYSTEM 14368/14780 2147554092/2147555628 6260/6636 16 162 0,0 2025-10-28 16:54:18 5122 SVC:AppHostSvc C:\Windows\system32\svchost.exe -k apphost 2180 NT AUTHORITY\SYSTEM 26864/31148 2147625972/2147634156 12664/17852 20 416 0,0 2025-10-28 16:54:19 5122 SVC:DiagTrack C:\Windows\System32\svchost.exe -k utcsvc 1592 NT AUTHORITY\SERVIZIO LOCALE 7612/7868 2147522728/2147524776 2400/2452 10 169 0,0 2025-10-28 16:54:17 5122 SVC:Wcmsvc C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted 2100 NT AUTHORITY\SERVIZIO DI RETE 7028/8676 2147516920/2147518828 1776/2840 10 139 0,0 2025-10-28 16:54:19 5122 SVC:PolicyAgent C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted 2216 NT AUTHORITY\SYSTEM 36828/37308 2147579864/2147581788 27072/27548 18 185 0,0 2025-10-28 16:54:19 5122 SVC:IISADMIN C:\Windows\system32\inetsrv\inetinfo.exe 2408 NT AUTHORITY\SYSTEM 8328/8596 2147521004/2147522560 2296/2344 11 203 0,0 2025-10-28 16:54:19 5122 SVC:LanmanServer C:\Windows\System32\svchost.exe -k smbsvcs 2420 NT AUTHORITY\SYSTEM 28216/29780 114464/116512 17716/18780 17 163 0,0 2025-10-28 16:54:19 5122 SVC:shibd_Default C:\opt\shibboleth-sp\sbin64\shibd.exe -stdout "C:\opt\shibboleth-sp\var\log\shibboleth\stdout.log" -stderr "C:\opt\shibboleth-sp\var\log\shibboleth\stderr.log" 2240 Unknown 20084/20448 2147546272/2147559940 12472/13020 11 275 0,0 2025-10-28 16:54:19 5122 SVC:MDCoreSvc 2400 NT AUTHORITY\SYSTEM 8304/8304 65692/69788 2368/2368 9 124 0,0 2025-10-28 16:54:19 5122 SVC:QEMU-GA "C:\Program Files\qemu-ga\qemu-ga.exe" -d [netstat] Pacchettiricevuti=25668653 Erroridiintestazionericevuti=0 Erroridiindirizzoricevuti=1707 Datagrammiinoltrati=0 Protocollisconosciutiricevuti=4 Pacchettiricevutiscartati=120963 Pacchettiricevuticonsegnati=25776088 Richiestedioutput=24176846 Routingscartati=0 Pacchettidioutputscartati=4 Pacchettioutputsenzaroute=0 Richiestediriassemblaggio=4 Riassemblaggiriusciti=2 Erroridiriassemblaggio=0 Datagrammiframmentati=0 Erroriframmentazionedatagrammi=0 Frammenticreati=0 Pacchettiricevuti=2669 Erroridiintestazionericevuti=0 Erroridiindirizzoricevuti=0 Datagrammiinoltrati=0 Protocollisconosciutiricevuti=0 Pacchettiricevutiscartati=441 Pacchettiricevuticonsegnati=27909 Richiestedioutput=786759 Routingscartati=0 Pacchettidioutputscartati=0 Pacchettioutputsenzaroute=4 Richiestediriassemblaggio=0 Riassemblaggiriusciti=0 Erroridiriassemblaggio=0 Datagrammiframmentati=0 Erroriframmentazionedatagrammi=0 Frammenticreati=0 Apertureattive=63891 Aperturepassive=1503431 Tentativiconnessionenonriusciti=36225 Connessionireimpostate=602565 Connessionicorrenti=31 Segmentiricevuti=29202511 Segmentitrasmessi=34286780 Segmentiritrasmessi=140950 Apertureattive=59164 Aperturepassive=54028 Tentativiconnessionenonriusciti=5136 Connessionireimpostate=8 Connessionicorrenti=52 Segmentiricevuti=3676728 Segmentitrasmessi=3665760 Segmentiritrasmessi=10968 DatagrammiRicevuti=13731 Nessunaporta=2829 Erroriinricezione=118114 Datagrammitrasmessi=5479 DatagrammiRicevuti=109 Nessunaporta=288 Erroriinricezione=153 Datagrammitrasmessi=996 [ports] Connessioni attive Proto Indirizzo locale Indirizzo esterno Stato TCP 0.0.0.0:80 0.0.0.0:0 LISTENING TCP 0.0.0.0:135 0.0.0.0:0 LISTENING TCP 0.0.0.0:211 0.0.0.0:0 LISTENING TCP 0.0.0.0:443 0.0.0.0:0 LISTENING TCP 0.0.0.0:445 0.0.0.0:0 LISTENING TCP 0.0.0.0:1433 0.0.0.0:0 LISTENING TCP 0.0.0.0:3001 0.0.0.0:0 LISTENING TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING TCP 0.0.0.0:4369 0.0.0.0:0 LISTENING TCP 0.0.0.0:5551 0.0.0.0:0 LISTENING TCP 0.0.0.0:5552 0.0.0.0:0 LISTENING TCP 0.0.0.0:5671 0.0.0.0:0 LISTENING TCP 0.0.0.0:5672 0.0.0.0:0 LISTENING TCP 0.0.0.0:5985 0.0.0.0:0 LISTENING TCP 0.0.0.0:6160 0.0.0.0:0 LISTENING TCP 0.0.0.0:6162 0.0.0.0:0 LISTENING TCP 0.0.0.0:6183 0.0.0.0:0 LISTENING TCP 0.0.0.0:6184 0.0.0.0:0 LISTENING TCP 0.0.0.0:6190 0.0.0.0:0 LISTENING TCP 0.0.0.0:6290 0.0.0.0:0 LISTENING TCP 0.0.0.0:8080 0.0.0.0:0 LISTENING TCP 0.0.0.0:8082 0.0.0.0:0 LISTENING TCP 0.0.0.0:8443 0.0.0.0:0 LISTENING TCP 0.0.0.0:9001 0.0.0.0:0 LISTENING TCP 0.0.0.0:9080 0.0.0.0:0 LISTENING TCP 0.0.0.0:11731 0.0.0.0:0 LISTENING TCP 0.0.0.0:15671 0.0.0.0:0 LISTENING TCP 0.0.0.0:25672 0.0.0.0:0 LISTENING TCP 0.0.0.0:47001 0.0.0.0:0 LISTENING TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING TCP 0.0.0.0:49668 0.0.0.0:0 LISTENING TCP 0.0.0.0:49673 0.0.0.0:0 LISTENING TCP 0.0.0.0:49685 0.0.0.0:0 LISTENING TCP 0.0.0.0:49724 0.0.0.0:0 LISTENING TCP 0.0.0.0:49814 0.0.0.0:0 LISTENING TCP 0.0.0.0:50000 0.0.0.0:0 LISTENING TCP 0.0.0.0:56273 0.0.0.0:0 LISTENING TCP 10.224.4.85:139 0.0.0.0:0 LISTENING TCP 10.224.4.85:211 10.28.228.219:50184 ESTABLISHED TCP 10.224.4.85:49727 172.211.123.250:443 ESTABLISHED TCP 10.224.4.85:49749 10.224.4.151:1523 ESTABLISHED TCP 10.224.4.85:49769 10.224.4.151:1523 ESTABLISHED TCP 10.224.4.85:49776 10.224.4.151:1523 ESTABLISHED TCP 10.224.4.85:56393 10.224.4.151:1523 ESTABLISHED TCP 10.224.4.85:58932 10.224.4.151:1523 ESTABLISHED TCP 10.224.4.85:58994 10.224.4.151:1523 ESTABLISHED TCP 10.224.4.85:59268 10.224.4.151:1523 ESTABLISHED TCP 10.224.4.85:59391 10.224.4.151:1523 ESTABLISHED TCP 10.224.4.85:59515 10.224.4.151:1523 ESTABLISHED TCP 10.224.4.85:59558 10.224.4.151:1523 ESTABLISHED TCP 10.224.4.85:59559 10.224.4.151:1523 ESTABLISHED TCP 10.224.4.85:64127 10.224.4.151:1523 ESTABLISHED TCP 127.0.0.1:1600 0.0.0.0:0 LISTENING TCP 127.0.0.1:1600 127.0.0.1:49643 ESTABLISHED TCP 127.0.0.1:1600 127.0.0.1:51920 ESTABLISHED TCP 127.0.0.1:1600 127.0.0.1:54788 ESTABLISHED TCP 127.0.0.1:1600 127.0.0.1:55402 ESTABLISHED TCP 127.0.0.1:4369 127.0.0.1:49722 ESTABLISHED TCP 127.0.0.1:6290 127.0.0.1:49723 ESTABLISHED TCP 127.0.0.1:9395 0.0.0.0:0 LISTENING TCP 127.0.0.1:49643 127.0.0.1:1600 ESTABLISHED TCP 127.0.0.1:49722 127.0.0.1:4369 ESTABLISHED TCP 127.0.0.1:49723 127.0.0.1:6290 ESTABLISHED TCP 127.0.0.1:51920 127.0.0.1:1600 ESTABLISHED TCP 127.0.0.1:54788 127.0.0.1:1600 ESTABLISHED TCP 127.0.0.1:55402 127.0.0.1:1600 ESTABLISHED TCP 127.0.0.1:59568 127.0.0.1:4369 TIME_WAIT TCP 127.0.0.1:59572 127.0.0.1:4369 TIME_WAIT TCP 193.206.103.228:139 0.0.0.0:0 LISTENING TCP 193.206.103.228:443 193.206.103.197:46823 TIME_WAIT TCP 193.206.103.228:3389 206.72.200.6:22749 ESTABLISHED TCP 193.206.103.228:3389 206.72.200.6:36130 ESTABLISHED TCP 193.206.103.228:4369 193.206.103.228:59566 TIME_WAIT TCP 193.206.103.228:4369 193.206.103.228:59570 TIME_WAIT TCP 193.206.103.228:5671 5.90.46.240:64307 ESTABLISHED TCP 193.206.103.228:5671 37.159.86.244:3582 ESTABLISHED TCP 193.206.103.228:58706 10.124.1.4:49674 ESTABLISHED TCP 193.206.103.228:59565 10.124.1.4:49674 TIME_WAIT TCP 193.206.103.228:59569 10.124.1.4:49674 TIME_WAIT TCP [::]:80 [::]:0 LISTENING TCP [::]:135 [::]:0 LISTENING TCP [::]:443 [::]:0 LISTENING TCP [::]:445 [::]:0 LISTENING TCP [::]:1433 [::]:0 LISTENING TCP [::]:3389 [::]:0 LISTENING TCP [::]:4369 [::]:0 LISTENING TCP [::]:5551 [::]:0 LISTENING TCP [::]:5552 [::]:0 LISTENING TCP [::]:5671 [::]:0 LISTENING TCP [::]:5672 [::]:0 LISTENING TCP [::]:5985 [::]:0 LISTENING TCP [::]:6160 [::]:0 LISTENING TCP [::]:6162 [::]:0 LISTENING TCP [::]:6183 [::]:0 LISTENING TCP [::]:6184 [::]:0 LISTENING TCP [::]:6190 [::]:0 LISTENING TCP [::]:6290 [::]:0 LISTENING TCP [::]:8080 [::]:0 LISTENING TCP [::]:8082 [::]:0 LISTENING TCP [::]:8443 [::]:0 LISTENING TCP [::]:9001 [::]:0 LISTENING TCP [::]:9080 [::]:0 LISTENING TCP [::]:11731 [::]:0 LISTENING TCP [::]:47001 [::]:0 LISTENING TCP [::]:49664 [::]:0 LISTENING TCP [::]:49665 [::]:0 LISTENING TCP [::]:49668 [::]:0 LISTENING TCP [::]:49673 [::]:0 LISTENING TCP [::]:49685 [::]:0 LISTENING TCP [::]:49724 [::]:0 LISTENING TCP [::]:49814 [::]:0 LISTENING TCP [::]:56273 [::]:0 LISTENING TCP [::1]:5671 [::1]:50019 ESTABLISHED TCP [::1]:5671 [::1]:50041 ESTABLISHED TCP [::1]:5671 [::1]:50043 ESTABLISHED TCP [::1]:5671 [::1]:50044 ESTABLISHED TCP [::1]:5671 [::1]:50046 ESTABLISHED TCP [::1]:5671 [::1]:50047 ESTABLISHED TCP [::1]:5671 [::1]:50048 ESTABLISHED TCP [::1]:5671 [::1]:50049 ESTABLISHED TCP [::1]:5671 [::1]:50054 ESTABLISHED TCP [::1]:5671 [::1]:50055 ESTABLISHED TCP [::1]:5671 [::1]:50057 ESTABLISHED TCP [::1]:5671 [::1]:50059 ESTABLISHED TCP [::1]:5671 [::1]:50060 ESTABLISHED TCP [::1]:5671 [::1]:50061 ESTABLISHED TCP [::1]:5671 [::1]:50062 ESTABLISHED TCP [::1]:5671 [::1]:50064 ESTABLISHED TCP [::1]:5671 [::1]:50065 ESTABLISHED TCP [::1]:5671 [::1]:50066 ESTABLISHED TCP [::1]:5671 [::1]:50067 ESTABLISHED TCP [::1]:5671 [::1]:50069 ESTABLISHED TCP [::1]:5671 [::1]:50071 ESTABLISHED TCP [::1]:5671 [::1]:50073 ESTABLISHED TCP [::1]:5671 [::1]:50074 ESTABLISHED TCP [::1]:5671 [::1]:50076 ESTABLISHED TCP [::1]:9395 [::]:0 LISTENING TCP [::1]:50019 [::1]:5671 ESTABLISHED TCP [::1]:50041 [::1]:5671 ESTABLISHED TCP [::1]:50043 [::1]:5671 ESTABLISHED TCP [::1]:50044 [::1]:5671 ESTABLISHED TCP [::1]:50046 [::1]:5671 ESTABLISHED TCP [::1]:50047 [::1]:5671 ESTABLISHED TCP [::1]:50048 [::1]:5671 ESTABLISHED TCP [::1]:50049 [::1]:5671 ESTABLISHED TCP [::1]:50054 [::1]:5671 ESTABLISHED TCP [::1]:50055 [::1]:5671 ESTABLISHED TCP [::1]:50057 [::1]:5671 ESTABLISHED TCP [::1]:50059 [::1]:5671 ESTABLISHED TCP [::1]:50060 [::1]:5671 ESTABLISHED TCP [::1]:50061 [::1]:5671 ESTABLISHED TCP [::1]:50062 [::1]:5671 ESTABLISHED TCP [::1]:50064 [::1]:5671 ESTABLISHED TCP [::1]:50065 [::1]:5671 ESTABLISHED TCP [::1]:50066 [::1]:5671 ESTABLISHED TCP [::1]:50067 [::1]:5671 ESTABLISHED TCP [::1]:50069 [::1]:5671 ESTABLISHED TCP [::1]:50071 [::1]:5671 ESTABLISHED TCP [::1]:50073 [::1]:5671 ESTABLISHED TCP [::1]:50074 [::1]:5671 ESTABLISHED TCP [::1]:50076 [::1]:5671 ESTABLISHED TCP [fe80::a920:5df3:8d80:8a67%4]:5671 [fe80::a920:5df3:8d80:8a67%4]:50016 ESTABLISHED TCP [fe80::a920:5df3:8d80:8a67%4]:5671 [fe80::a920:5df3:8d80:8a67%4]:50020 ESTABLISHED TCP [fe80::a920:5df3:8d80:8a67%4]:50016 [fe80::a920:5df3:8d80:8a67%4]:5671 ESTABLISHED TCP [fe80::a920:5df3:8d80:8a67%4]:50020 [fe80::a920:5df3:8d80:8a67%4]:5671 ESTABLISHED UDP 0.0.0.0:123 *:* UDP 0.0.0.0:500 *:* UDP 0.0.0.0:1434 *:* UDP 0.0.0.0:3389 *:* UDP 0.0.0.0:4500 *:* UDP 0.0.0.0:5050 *:* UDP 0.0.0.0:5353 *:* UDP 0.0.0.0:5355 *:* UDP 10.224.4.85:137 *:* UDP 10.224.4.85:138 *:* UDP 10.224.4.85:1900 *:* UDP 10.224.4.85:64825 *:* UDP 127.0.0.1:1900 *:* UDP 127.0.0.1:50855 *:* UDP 127.0.0.1:54577 *:* UDP 127.0.0.1:58287 *:* UDP 127.0.0.1:58735 *:* UDP 127.0.0.1:64827 *:* UDP 193.206.103.228:137 *:* UDP 193.206.103.228:138 *:* UDP 193.206.103.228:1900 *:* UDP 193.206.103.228:64826 *:* UDP [::]:123 *:* UDP [::]:500 *:* UDP [::]:1434 *:* UDP [::]:3389 *:* UDP [::]:4500 *:* UDP [::]:5353 *:* UDP [::]:5355 *:* UDP [::1]:1900 *:* UDP [::1]:64824 *:* UDP [fe80::95d0:7cf8:9e9:a109%6]:1900 *:* UDP [fe80::95d0:7cf8:9e9:a109%6]:64822 *:* UDP [fe80::a920:5df3:8d80:8a67%4]:1900 *:* UDP [fe80::a920:5df3:8d80:8a67%4]:64823 *:* [ipconfig] Configurazione IP di Windows Nome host . . . . . . . . . . . . . . : solari-prod Suffisso DNS primario . . . . . . . . : ceda.unina2.it Tipo nodo . . . . . . . . . . . . . . : Ibrido Routing IP abilitato. . . . . . . . . : No Proxy WINS abilitato . . . . . . . . : No Elenco di ricerca suffissi DNS. . . . : ceda.unina2.it cressi.unicampania.it Scheda Ethernet Ethernet: Suffisso DNS specifico per connessione: cressi.unicampania.it Descrizione . . . . . . . . . . . . . : Red Hat VirtIO Ethernet Adapter Indirizzo fisico. . . . . . . . . . . : 00-01-A4-A5-D1-26 DHCP abilitato. . . . . . . . . . . . : No Configurazione automatica abilitata : S? Indirizzo IPv6 locale rispetto al collegamento . : fe80::95d0:7cf8:9e9:a109%6(Preferenziale) Indirizzo IPv4. . . . . . . . . . . . : 10.224.4.85(Preferenziale) Subnet mask . . . . . . . . . . . . . : 255.255.254.0 Gateway predefinito . . . . . . . . . : 10.224.4.1 IAID DHCPv6 . . . . . . . . . . . : 50332068 DUID Client DHCPv6. . . . . . . . : 00-01-00-01-23-5B-55-F7-00-01-A4-A5-D1-26 Server DNS . . . . . . . . . . . . . : 10.124.1.4 10.124.1.5 NetBIOS su TCP/IP . . . . . . . . . . : Attivato Scheda Ethernet Ethernet 2: Suffisso DNS specifico per connessione: Descrizione . . . . . . . . . . . . . : Red Hat VirtIO Ethernet Adapter #2 Indirizzo fisico. . . . . . . . . . . : 00-01-A4-A5-D1-2C DHCP abilitato. . . . . . . . . . . . : No Configurazione automatica abilitata : S? Indirizzo IPv6 locale rispetto al collegamento . : fe80::a920:5df3:8d80:8a67%4(Preferenziale) Indirizzo IPv4. . . . . . . . . . . . : 193.206.103.228(Preferenziale) Subnet mask . . . . . . . . . . . . . : 255.255.255.128 Gateway predefinito . . . . . . . . . : 193.206.103.193 IAID DHCPv6 . . . . . . . . . . . : 301990308 DUID Client DHCPv6. . . . . . . . : 00-01-00-01-23-5B-55-F7-00-01-A4-A5-D1-26 Server DNS . . . . . . . . . . . . . : fec0:0:0:ffff::1%1 fec0:0:0:ffff::2%1 fec0:0:0:ffff::3%1 NetBIOS su TCP/IP . . . . . . . . . . : Attivato Scheda Tunnel isatap.cressi.unicampania.it: Stato supporto. . . . . . . . . . . . : Supporto disconnesso Suffisso DNS specifico per connessione: cressi.unicampania.it Descrizione . . . . . . . . . . . . . : Microsoft ISATAP Adapter Indirizzo fisico. . . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP abilitato. . . . . . . . . . . . : No Configurazione automatica abilitata : S? Scheda Tunnel isatap.{59BB7FB6-B430-4AD1-A79A-C86EB9A6F31D}: Stato supporto. . . . . . . . . . . . : Supporto disconnesso Suffisso DNS specifico per connessione: Descrizione . . . . . . . . . . . . . : Microsoft ISATAP Adapter #2 Indirizzo fisico. . . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP abilitato. . . . . . . . . . . . : No Configurazione automatica abilitata : S? [route] =========================================================================== Elenco interfacce 6...00 01 a4 a5 d1 26 ......Red Hat VirtIO Ethernet Adapter 4...00 01 a4 a5 d1 2c ......Red Hat VirtIO Ethernet Adapter #2 1...........................Software Loopback Interface 1 2...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2 =========================================================================== IPv4 Tabella route =========================================================================== Route attive: Indirizzo rete Mask Gateway Interfaccia Metrica 0.0.0.0 0.0.0.0 10.224.4.1 10.224.4.85 271 0.0.0.0 0.0.0.0 193.206.103.193 193.206.103.228 271 10.224.4.0 255.255.254.0 On-link 10.224.4.85 271 10.224.4.85 255.255.255.255 On-link 10.224.4.85 271 10.224.5.255 255.255.255.255 On-link 10.224.4.85 271 127.0.0.0 255.0.0.0 On-link 127.0.0.1 331 127.0.0.1 255.255.255.255 On-link 127.0.0.1 331 127.255.255.255 255.255.255.255 On-link 127.0.0.1 331 193.206.103.128 255.255.255.128 On-link 193.206.103.228 271 193.206.103.228 255.255.255.255 On-link 193.206.103.228 271 193.206.103.255 255.255.255.255 On-link 193.206.103.228 271 224.0.0.0 240.0.0.0 On-link 127.0.0.1 331 224.0.0.0 240.0.0.0 On-link 10.224.4.85 271 224.0.0.0 240.0.0.0 On-link 193.206.103.228 271 255.255.255.255 255.255.255.255 On-link 127.0.0.1 331 255.255.255.255 255.255.255.255 On-link 10.224.4.85 271 255.255.255.255 255.255.255.255 On-link 193.206.103.228 271 =========================================================================== Route permanenti: Indirizzo rete Mask Indir. gateway Metrica 0.0.0.0 0.0.0.0 193.206.103.193 Predefinito 0.0.0.0 0.0.0.0 10.224.4.1 Predefinito =========================================================================== IPv6 Tabella route =========================================================================== Route attive: Interf Metrica Rete Destinazione Gateway 1 331 ::1/128 On-link 6 271 fe80::/64 On-link 4 271 fe80::/64 On-link 6 271 fe80::95d0:7cf8:9e9:a109/128 On-link 4 271 fe80::a920:5df3:8d80:8a67/128 On-link 1 331 ff00::/8 On-link 6 271 ff00::/8 On-link 4 271 ff00::/8 On-link =========================================================================== Route permanenti: Nessuna [ifstat] 10.224.4.85 10022740194 11814920480 193.206.103.228 2475654870 4829481574 [svcs] Name StartupType Status DisplayName AJRouter manual stopped Servizio router AllJoyn ALG manual stopped Servizio Gateway di livello applicazione AppHostSvc automatic started Servizio Application Host Helper AppIDSvc manual stopped Identit? applicazione Appinfo manual started Informazioni applicazioni AppMgmt manual stopped Gestione applicazione AppReadiness manual stopped Preparazione app AppVClient disabled stopped Microsoft App-V Client AppXSvc manual stopped Servizio di distribuzione AppX (AppXSVC) aspnet_state manual stopped ASP.NET State Service AudioEndpointBuilder manual stopped Generatore endpoint audio Windows Audiosrv manual stopped Audio di Windows AxInstSV manual stopped ActiveX Installer (AxInstSV) BFE automatic started BFE (Base Filtering Engine) BITS automatic stopped Servizio trasferimento intelligente in background BrokerInfrastructure automatic started Servizio infrastruttura attivit? in background Browser disabled stopped Browser di computer bthserv manual stopped Servizio di supporto Bluetooth CDPSvc automatic started Servizio piattaforma dispositivi connessi CertPropSvc manual started Propagazione certificati ClipSVC manual stopped Servizio licenze client (ClipSVC) COMSysApp manual started Applicazione di sistema COM+ CoreMessagingRegistrar automatic started CoreMessaging CryptSvc automatic started Servizi di crittografia CscService disabled stopped File non linea DBServiceSvc automatic started Solari - DBService DcomLaunch automatic started Utilit? di avvio processi server DCOM DcpSvc manual stopped DataCollectionPublishingService defragsvc manual stopped Ottimizza unit? DeviceAssociationService manual stopped Servizio associazione dispositivi DeviceInstall manual stopped Servizio installazione dispositivi DevQueryBroker manual stopped Gestore individuazione in background DevQuery Dhcp automatic started Client DHCP diagnosticshub.standardcollector.service manual stopped Servizio Agente di raccolta standard hub diagnostica Microsoft (R) DiagTrack automatic started Esperienze utente connesse e telemetria DmEnrollmentSvc manual stopped Servizio di registrazione gestione dispositivi dmwappushservice manual stopped dmwappushsvc Dnscache automatic started Client DNS dot3svc manual stopped Configurazione automatica reti cablate DPS automatic started Servizio Criteri di diagnostica DsmSvc manual stopped Gestione configurazione dispositivi DsSvc manual started Servizio di condivisione dati Eaphost manual stopped Extensible Authentication Protocol EFS manual stopped EFS (Encrypting File System) embeddedmode manual stopped Modalit? incorporata EntAppSvc manual stopped Servizio di gestione app aziendali EventLog automatic started Registro eventi di Windows EventSystem automatic started COM+ Event System fdPHost manual stopped Host provider di individuazione funzioni FDResPub manual stopped Pubblicazione risorse per individuazione FontCache automatic started Servizio cache tipi di carattere Windows FontCache3.0.0.0 manual stopped Cache tipi di carattere Windows Presentation Foundation 3.0.0.0 FrameServer manual stopped Server di fotogrammi fotocamera Windows GoogleChromeElevationService manual stopped Google Chrome Elevation Service (GoogleChromeElevationService) GoogleUpdaterInternalService143.0.7482.0 automatic stopped Servizio interno di Google Updater (GoogleUpdaterInternalService143.0.7482.0) GoogleUpdaterService143.0.7482.0 automatic stopped Servizio di Google Updater (GoogleUpdaterService143.0.7482.0) gpsvc automatic started Client di Criteri di gruppo gupdate automatic stopped Servizio Google Update (gupdate) gupdatem manual stopped Servizio Google Update (gupdatem) hidserv manual stopped Servizio Human Interface Device HvHost manual stopped Servizio host hypervisor icssvc manual stopped Servizio hotspot di Windows Mobile IISADMIN automatic started Servizio di amministrazione di IIS IKEEXT automatic started Moduli di impostazione chiavi IPSec IKE e Auth-IP iphlpsvc automatic started Helper IP KeyIso manual started Isolamento chiavi CNG KPSSVC manual stopped Servizio Server proxy KDC (KPS) KtmRm manual stopped KtmRm per Distributed Transaction Coordinator LanmanServer automatic started Server LanmanWorkstation automatic started Workstation lfsvc manual started Servizio di georilevazione LicenseManager manual stopped Servizio Gestione licenze Windows lltdsvc manual stopped Mapper individuazione topologia livelli di collegamento lmhosts manual started Helper NetBIOS di TCP/IP LSM automatic started Gestione sessioni locali MapsBroker disabled stopped Gestione mappe scaricate MDCoreSvc automatic started Servizio di base di Microsoft Defender MozillaMaintenance manual stopped Mozilla Maintenance Service MpsSvc automatic started Windows Firewall MSDTC automatic started Distributed Transaction Coordinator MSiSCSI manual stopped Servizio iniziatore iSCSI Microsoft msiserver manual stopped Windows Installer MSSQL$SQLEXPRESS automatic started SQL Server (SQLEXPRESS) NcaSvc manual stopped Assistente connettivit? di rete NcbService manual started Gestore connessione rete Netlogon automatic started Accesso rete Netman manual stopped Connessioni di rete netprofm manual started Servizio Elenco reti NetSetupSvc manual stopped Servizio di installazione della rete NetTcpPortSharing disabled stopped Servizio di condivisione porte Net.Tcp NgcCtnrSvc manual stopped Contenitore Microsoft Passport NgcSvc manual stopped Microsoft Passport NlaSvc automatic started Riconoscimento presenza in rete nsi automatic started Servizio Interfaccia archivio di rete OracleRemExecServiceV2 manual stopped OracleRemExecServiceV2 OVirtGuestService automatic started oVirt Agent PcaSvc automatic started Servizio Risoluzione problemi compatibilit? programmi PerfHost manual stopped Host DLL contatore prestazioni PhoneSvc manual stopped Servizio Telefono pla manual stopped Avvisi e registri di prestazioni PlugPlay manual started Plug and Play PolicyAgent manual started Agente criteri IPsec Power automatic started Alimentazione PrintNotify manual stopped Estensioni e notifiche della stampante ProfSvc automatic started Servizio profili utente QEMU_Guest_Agent_VSS_Provider manual stopped QEMU Guest Agent VSS Provider QEMU-GA automatic started QEMU Guest Agent QWAVE manual stopped Servizio audio/video Windows di qualit? RabbitMQ automatic started RabbitMQ RasAuto manual stopped Auto Connection Manager di Accesso remoto RasMan manual stopped Connection Manager di Accesso remoto RemoteAccess disabled stopped Routing e Accesso remoto RemoteRegistry automatic stopped Registro di sistema remoto RmSvc manual stopped Servizio di gestione radio RpcEptMapper automatic started Agente mapping endpoint RPC RpcLocator manual stopped RPC Locator RpcSs automatic started Chiamata di procedura remota (RPC) RSoPProv manual stopped Provider Gruppo di criteri risultante sacsvr manual stopped Helper console di amministrazione speciale SamSs automatic started Sistema di gestione degli account di sicurezza (SAM) SCardSvr disabled stopped Smart Card ScDeviceEnum manual stopped Servizio di enumerazione dispositivo smart card Schedule automatic started Utilit? di pianificazione SCPolicySvc manual stopped Criterio rimozione smart card seclogon manual stopped Accesso secondario SENS automatic started Servizio di notifica eventi di sistema SensorDataService manual stopped Servizio dati sensori SensorService manual stopped Servizio sensori SensrSvc manual stopped Servizio monitoraggio sensori SessionEnv manual started Configurazione Desktop remoto SharedAccess manual stopped Condivisione connessione Internet (ICS) ShellHWDetection automatic started Rilevamento hardware shell shibd_Default automatic started Shibboleth Daemon (Default) SmartTalk-AccessControlService automatic started SmartTalk-AccessControlService SmartTalk-AlliniamentoDB automatic started SmartTalk-AlliniamentoDB SmartTalk-DispatcherService automatic started SmartTalk-DispatcherService SmartTalk-ManageInstanceService automatic started SmartTalk-ManageInstanceService SmartTalk-NotificationService automatic started SmartTalk-NotificationService SmartTalk-OnlineVerificationService automatic started SmartTalk-OnlineVerificationService SmartTalk-ScaricoTimbrature automatic started SmartTalk-ScaricoTimbrature SmartTalk-SchedulerService automatic started SmartTalk-SchedulerService SmartTalk-TerminalStatusService automatic started SmartTalk-TerminalStatusService SmartTalk-TransactionService automatic started SmartTalk-TransactionService smphost manual stopped SMP spazi di archiviazione Microsoft SNMPTRAP manual stopped Trap SNMP SolariWorkerSvc disabled stopped Solari - SolariWorkerSvc Spooler automatic started Spooler di stampa sppsvc automatic stopped Protezione software SQLAgent$SQLEXPRESS disabled stopped SQL Server Agent (SQLEXPRESS) SQLBrowser automatic started SQL Server Browser SQLTELEMETRY$SQLEXPRESS disabled stopped SQL Server CEIP service (SQLEXPRESS) SQLWriter automatic started SQL Server VSS Writer SSDPSRV manual started Individuazione SSDP SstpSvc manual stopped Servizio SSTP (Secure Socket Tunneling Protocol) StartScheduler automatic started Solari - StartScheduler StartWebServerSvc disabled stopped Solari - StartWebServerSvc StateRepository manual started Servizio repository stati stisvc manual stopped Acquisizione di immagini di Windows (WIA) StorSvc manual stopped Servizio di archiviazione svsvc manual stopped Verifica spot swprv manual stopped Provider di copie shadow software Microsoft SysMain manual stopped Ottimizzazione avvio SystemEventsBroker automatic started Gestore eventi di sistema TabletInputService manual stopped Servizio tastiera virtuale e pannello per la grafia TapiSrv manual stopped Telefonia TermService manual started Servizi Desktop remoto TermTalkServerService automatic started Term Talk Server Themes automatic started Temi TieringEngineService manual stopped Gestione livelli di archiviazione tiledatamodelsvc automatic started Server modello dati sezioni TimeBrokerSvc manual started Gestore tempo TrkWks automatic started Manutenzione collegamenti distribuiti client TrustedInstaller manual stopped Programma di installazione dei moduli di Windows TWServerSvc automatic started Solari - TWServerSvc TWServerWebSvc automatic started Solari - TWServerWebSvc tzautoupdate manual stopped Strumento di aggiornamento automatico fuso orario UALSVC automatic started Servizio registrazione accessi utente UevAgentService disabled stopped Servizio User Experience Virtualization UI0Detect manual stopped Rilevamento servizi interattivi UmRdpService manual started Redirector porta UserMode di Servizi Desktop remoto upnphost manual stopped Host di dispositivi UPnP UserManager automatic started Gestione utenti UsoSvc manual stopped Servizio agente di orchestrazione aggiornamenti per Windows Update VaultSvc manual started Gestione credenziali vds manual stopped Disco virtuale vdservice automatic started Spice Agent VeeamDeploySvc automatic started Veeam Installer Service VeeamEndpointBackupSvc automatic started Veeam Agent for Microsoft Windows VeeamTransportSvc automatic started Veeam Data Mover Service vmicguestinterface manual stopped Interfaccia servizio guest Hyper-V vmicheartbeat manual stopped Servizio Heartbeat Hyper-V vmickvpexchange manual stopped Servizio Scambio di dati Hyper-V vmicrdv manual stopped Servizio Virtualizzazione Desktop remoto Hyper-V vmicshutdown manual stopped Servizio Arresto guest Hyper-V vmictimesync manual stopped Servizio Sincronizzazione ora Hyper-V vmicvmsession manual stopped Servizio PowerShell Direct Hyper-V vmicvss manual stopped Richiedente Copia Shadow del volume Hyper-V VSS manual stopped Copia shadow del volume W32Time automatic started Ora di Windows w3logsvc manual stopped Servizio di registrazione W3C W3SVC automatic started Servizio Pubblicazione sul Web WalletService manual stopped WalletService WAS manual started Servizio Attivazione processo Windows WbioSrvc automatic stopped Servizio di biometria Windows Wcmsvc automatic started Gestione connessioni Windows WdiServiceHost manual stopped Host servizio di diagnostica WdiSystemHost manual stopped Host sistema di diagnostica WdNisSvc manual started Servizio Controllo rete di Microsoft Defender Antivirus Wecsvc manual stopped Raccolta eventi Windows WEPHOSTSVC manual stopped Servizio host del provider di crittografia di Windows wercplsupport manual stopped Segnalazioni di problemi e soluzioni nel Pannello di controllo WerSvc manual stopped Servizio Segnalazione errori Windows WiaRpc manual stopped Eventi acquisizione Still Image WinDefend automatic started Servizio Microsoft Defender Antivirus WinHttpAutoProxySvc manual started Servizio rilevamento automatico proxy WinHTTP Winmgmt automatic started Strumentazione gestione Windows WinRM automatic started Gestione remota Windows (WS-Management) wisvc manual stopped Servizio Windows Insider wlidsvc manual stopped Assistente per l'accesso all'account Microsoft wmiApSrv manual started Scheda WMI Performance WPDBusEnum manual stopped Servizio enumeratore dispositivi mobili WpnService automatic started Servizio di sistema notifiche Push Windows WSearch automatic started Windows Search wuauserv manual stopped Windows Update wudfsvc manual started Windows Driver Foundation - Framework driver modalit? utente XblAuthManager manual stopped Gestione autenticazione Xbox Live XblGameSave manual stopped Giochi salvati su Xbox Live XymonPSClient automatic started XymonPSClient [uptime] sec: 307361 3 days 13 hours 22 minutes 40 seconds Bootup: 20251028165403.495932+060 [who] NOMESESSIONE NOMEUTENTE ID STATO TIPO DISPOSITIVO >services 0 Disc console 1 Conn rdp-tcp 65536 Rimani in ascolto Totale sessioni create: 5 Totale sessioni disconnesse: 3 Totale sessioni riconnesse: 0 [users] [iis_sites] Default Web Site IIS://localhost/W3SVC/1 SiteID: 1 LogFileDirectory C:\inetpub\logs\LogFiles LogFileLocaltimeRollover True ServerAutoStart True ServerState 2 SecureBindings 193.206.103.228:443:presenze.ceda.unina2.it 193.206.103.228:443:presenze.cressi.unicampania.it presenze-redirect IIS://localhost/W3SVC/2 SiteID: 2 LogFileDirectory C:\inetpub\logs\LogFiles LogFileLocaltimeRollover True ServerAutoStart True ServerBindings 193.206.103.228:80:presenze.ceda.unina2.it 193.206.103.228:80:presenze.cressi.unicampania.it ServerState 2 SmartTalkWeb IIS://localhost/W3SVC/3 SiteID: 3 LogFileDirectory C:\inetpub\logs\LogFiles LogFileLocaltimeRollover True ServerAutoStart True ServerBindings :9080: ServerState 2 SecureBindings :8443: [XymonConfig] XymonSettings serversList : 10.224.4.197 serverUrl : serverHttpUsername : serverHttpTimeoutMs : 100000 wanteddisksList : {3} clientname : solari-prod.ceda.unina2.it clientsoftware : powershell clientclass : powershell loopinterval : 300 maxlogage : 60 MaxEvents : 5000 slowscanrate : 72 reportevt : 1 EnableWin32_Product : 0 EnableWin32_QuickFixEngineering : 0 EnableWMISections : 0 EnableIISSection : 1 EnableDiskPart : 0 ClientProcessPriority : Normal clientlogpath : C:\Program Files\xymon clientlogretain : 0 XymonAcceptUTF8 : 0 GetProcessInfoCommandLine : 1 GetProcessInfoOwner : 1 externalscriptlocation : C:\Program Files\xymon\ext externaldatalocation : C:\Program Files\xymon\tmp localdatalocation : C:\Program Files\xymon\local servergiflocation : /xymon/gifs/ servers : 10.224.4.197 clientlogfile : C:\Program Files\xymon\xymonclient.log clientconfigfile : C:\Program Files\xymon\clientconfig.cfg clientfqdn : 1 clientlower : 1 clientbbwinmembug : 0 clientremotecfgexec : 1 HaveCmd Name Value ---- ----- qwinsta True query True XymonClientVersion : xymonclient.ps1 2.42 2019-03-11 zak.beck@accenture.com clientname solari-prod.ceda.unina2.it [XymonPSClientInfo] Collection number: 53 Last transmission method: TCP Id : 46504 Handles : 575 CPU : 987,6875 SI : 0 Name : powershell