Windows 2003 Security event log - Failed audits
Posted on 2005-03-30
I have a windows 2003 servers keeps getting failed logon attempts from people outside the network. The event id is 529 failed logon.
I think our network is secure, the only thing I let in on the firewall is HTTPS and SMTP. I even checked our settings with shieldsup.
My question is how are people seeing my server in order to try and hack in? The server in question has exchange and iis for owa. The owa is through https and I have a certificate authority.
Any help would be appreciated.