<div>
Also try going through this document. It works on 2003 as well.<br />
<br />
<a href="http://secureconditions.com/articles/NetworkSecurityGuidelinesNSA.pdf" rel="ugc">http://secureconditions.com/articles/NetworkSecurityGuidelinesNSA.pdf</a><br />
<br />
Regards,<br />
<br />
Good luck and stay secure.<br />
<br />
CJ
</div>


Also try going through this document. It works on 2003 as well.

http://secureconditions.com/articles/NetworkSecurityGuidelinesNSA.pdf [http://secureconditions.com/articles/NetworkSecurityGuidelinesNSA.pdf]

Regards,

Good luck and stay secure.

CJ

<div>
3389 most likely...<br />
strong password, no &quot;Administrator&quot; accout, lockout after 4, port 25, 80, 110, 443, 3389<br />
Thanks for the input!
</div>


3389 most likely...
strong password, no "Administrator" accout, lockout after 4, port 25, 80, 110, 443, 3389
Thanks for the input!

<div>
yes, tcp port 3389 is for terminal server...I would be very wary of opening terminal server to the Internet. OK, I just woudn't do it. If you need to remotely admin the server, VPN in, and then start a terminal session.
</div>


yes, tcp port 3389 is for terminal server...I would be very wary of opening terminal server to the Internet. OK, I just woudn't do it. If you need to remotely admin the server, VPN in, and then start a terminal session.

<div>
<div class="content wysiwyg-content">
Can anyone let me know what type of an attack would have 10 or 8 logon attempts all occuring at the exact same time.<br />
<br />
The last 2 nights I have had security logs at about 1:00am with 10 attempts on the administrator account all logged at the same time, then last night, same thing. &nbsp;<br />
<br />
What type of attack is this?<br />
<br />
(FYI We are using a SBS2003 server with symantec VPN firewall and the administrator account has been renamed.) &nbsp;
</div>
</div>


Can anyone let me know what type of an attack would have 10 or 8 logon attempts all occuring at the exact same time.

The last 2 nights I have had security logs at about 1:00am with 10 attempts on the administrator account all logged at the same time, then last night, same thing.  

What type of attack is this?

(FYI We are using a SBS2003 server with symantec VPN firewall and the administrator account has been renamed.)  

Hacking attemps all occuring at same time.

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.