Re: IP of machine locking account?
- From: "Dave" <noone@xxxxxxxxxxx>
- Date: Fri, 14 Mar 2008 11:57:13 -0000
i always thought that exposing domain machines directly to the internet was
a really bad idea. lock the whole network behind a firewall and provide vpn
access in to users who need it from outside.
meanwhile, rename the account or delete it if you aren't using it.
"just bob" <kilbyfan@xxxxxxx> wrote in message
news:47d922f1$0$36379$742ec2ed@xxxxxxxxxxxxxxxxx
Someone is trying to hack one of our (formerly) admin accounts in AD on
Server 2003 using a bad password and causing the account to lock and the
event viewer shows the login attempt coming from a machine with a name
which is not on our network.
This has been happening every day at a different time of day and every
time the machine name is different. The only constant is the account being
attacked is the same every time. It would really help if there was a way
to get the IP address and not just the name of the machine. I have looked
in our DNS and DHCP database and found no machines we do not recognize.
Thank you in advance if you have a suggestion for me.
-Bob
.
- Follow-Ups:
- Re: IP of machine locking account?
- From: just bob
- Re: IP of machine locking account?
- References:
- IP of machine locking account?
- From: just bob
- IP of machine locking account?
- Prev by Date: Unable to create a Network Place to a DFS Link
- Next by Date: does mstask.exe normally open and listen on a tcp port?
- Previous by thread: IP of machine locking account?
- Next by thread: Re: IP of machine locking account?
- Index(es):
Relevant Pages
|
