Re: Hackers Attempted Attacks
From: Lanwench [MVP - Exchange] (lanwench_at_heybuddy.donotsendme.unsolicitedmail.atyahoo.com)
Date: 08/06/03
- Next message: Karl Levinson [x y] mvp: "Re: Hackers Attempted Attacks"
- Previous message: Lanwench [MVP - Exchange]: "Re: port scanning"
- In reply to: Sam Jallad: "Hackers Attempted Attacks"
- Next in thread: Karl Levinson [x y] mvp: "Re: Hackers Attempted Attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 6 Aug 2003 09:59:35 -0400
A) You need a very good firewall protecting your network. Don't use personal
firewall software on a server - use a perimeter firewall - a server or an
appliance - that blocks ports.
B) Disable Guest if you haven't done so already
C) Force complex passwords and regular password changes for all users
D) Rename commonly-used accounts such as administrator to something else
E) Run Windows Update to get all relevant critical patches
F) Run good antivirus software on the server and all workstations - ideally
centrally managed stuff.
It's good you have auditing enabled, or you might never have known anything
about this.
Sam Jallad wrote:
> I have Win 2000 server and for the past few days I see bunch of logs
> in the event log about failure attempts to login to the system. After
> few attempts the accounts get locked out. I can see the name of the
> machine who is trying to attack me. This person is running a program
> for like 20 minutes everyday or so. How can I find out who that is?
> or how can I prevent these programs from running against my machine?
>
> Thanks
- Next message: Karl Levinson [x y] mvp: "Re: Hackers Attempted Attacks"
- Previous message: Lanwench [MVP - Exchange]: "Re: port scanning"
- In reply to: Sam Jallad: "Hackers Attempted Attacks"
- Next in thread: Karl Levinson [x y] mvp: "Re: Hackers Attempted Attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
