Re: failed login attempts

From: Tim Springston [MS] (tspring_at_online.microsoft.com)
Date: 08/29/04


Date: Sun, 29 Aug 2004 13:30:38 -0500

Hi Gary-

The security event descriptions should tell you some of the story. What do
they look like?

-- 
Tim Springston
Microsoft Corporation
This posting is provided "AS IS" with no warranties, and confers no rights.

"Gary" <anonymous@discussions.microsoft.com> wrote in message
news:a2d301c47947$a7ad7c20$a501280a@phx.gbl...
> We have been receiving many failed login attempts by
> unknown users, recorded in our security event logs on our
> web server. We only allow traffic to flow through ports 80
> and 443 inbound on our perimeter firewall. Outbound
> traffic is restricted to DNS queries only. The servers have
> been hardened and patches applied.
> What we want to try to discover is what is
> actually allowing somebody to enter login credentials as
> there isn't, as far as we are aware, anywhere on the site
> that permits this. Is there any way of finding this hole?
> Many thanks in advance