Someone's trying to crack password via ftp

I am running windows 2000 with iis 5 and ftp... I noticed in my log files that someone was trying to crack the username and password of an ftp account on our server.  It appears to be happening in rapid succession.   Is there anything from a security standpoint I can do to prevent this?  I.e. pause after so many failed attempts etc.

Please advise.

Thanks,
Bruce
polobruceAsked:
Who is Participating?
 
r-kConnect With a Mentor Commented:
See here:

 http://www.microsoft.com/technet/security/prodtech/windows2000/w2kccadm/acctpol/w2kadm08.mspx

but I think the Administrator account can't be locked out. For that one, be sure to set a sufficiently long password that can't be cracked or guessed.
0
 
ChatableConnect With a Mentor Commented:
Unfortunately IIS doesn't have an anti brute-force mechanism (none that I know of anyway). The only thing you can do is to use the IP access list of IIS and block the IP of the attacker. If your server is not public you can also limit access only to the IP's of the legitimate users.
0
 
mattbcsConnect With a Mentor Commented:
If they are trying for the administrator account, one best practice for securing a windows box is to RENAME the administrator account to something else - security by obscurity. I'll ocasionally look through logs and find brute force attempts for an account named administrator, but I can rest assured, because there is no account named administrator... Just pick a clever name and substitute it (rename it)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.