User accounts locked out
From: Rick Hawkes (mediawebrick@hotmail.com)
Date: 01/05/03
- Next message: mike mayes: "spoofing IP's in w2k"
- Previous message: Peter: "Re: Change forgotten administrator password"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Rick Hawkes" <mediawebrick@hotmail.com> Date: Sat, 4 Jan 2003 21:05:06 -0800
Greetings!
I am running Win2K server, fully up-to-date software wise,
I think. I was looking at the Security log the other day
and noticed a lot of failed logon attempts. Then I put a
security policy in to lock out the user accounts after
three bad password attempts, and in a matter of hours, all
the user accounts were locked out.
I am not using active directory, just local users.
The server is a web server, running IIS 5, lots of front
page sites, RhinoSoft Serv-U for ftp. It's also running
SQL 7.0 SP3.
Clearly someone is trying to break in.
1) How on earth do they know what user accounts I have on
my system
2) How could they be getting in to attempt to logon?
Terminal services? If so, can I stop that service without
losing functionality?
Is there some way I can find out where the attempt to
logon is coming from?
Obviously I don't want unauthorized logins to the system.
Can anyone give me an idea what to do? It's a little
unnerving to have this happening.
...Rick...
- Next message: mike mayes: "spoofing IP's in w2k"
- Previous message: Peter: "Re: Change forgotten administrator password"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
