Avatar of eggster34
eggster34

asked on 

account lockout on windows 2000

H:ello
I have a windows 2000 domain controller that is also running a web server and an ftp server.
some character keeps performing a brute force attack to my ftp server with the administrator user and just trying to guess the password.
I need to configure policies to

-- audit these attacks in the event viewer
-- block the attacker from connecting to the server for 30 minutes (without locking down the administrator user.)
Security

Avatar of undefined
Last Comment
Tolomir
Avatar of Cyclops3590
Cyclops3590
Flag of United States of America image

ok, first I have never used the ftp of windows before.  however, I have to wonder if the Admin acct can be restricted from being able to connect all together, but allow other users to connect.  The other is if its the same person, why not just block that IP from connecting to the server.
The final recommendation would be to just change the name of the administrator so technically the administrator acct doesn't exist anymore.  I know its possible but would have to look up just how its done again though.
ASKER CERTIFIED SOLUTION
Avatar of Tolomir
Tolomir
Flag of Germany image

Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of eggster34
eggster34

ASKER

I have windows 2000.
I use this guide:

http://support.microsoft.com/kb/320053/en-us

to rename the domain administrator account only, but nothing happened although I applied the secedit /refreshpolicy machine_policy setting.
does this procedure not work on domain controllers / domain accounts?!?
Avatar of eggster34
eggster34

ASKER

hello?
Avatar of Tolomir
Tolomir
Flag of Germany image

Sorry, I missed that question somehow:

please take a look at: http://support.microsoft.com/kb/259576

( http://www.microsoft.com/windows2000/docs/grouppolwp.doc )
Avatar of Tolomir
Tolomir
Flag of Germany image

This could be usefull too:

http://www.digitalriver.com/dr/v2/ec_Main.Entry17C?SID=26412&SP=10023&CID=117017&PID=313036&PN=1&V1=313036

#

BlackICE Server Protection delivers bulletproof protection, with defenses against specific attacks directed at Windows NT or 2000 servers. BlackICE Server Protection detects, identifies and blocks attacks before they can compromise a system. Protect your home network or small office with BlackICE Server Protection. BlackICE Server Protection's award-winning technology:

# Protects servers by scrutinizing all traffic into and outfrom a server, constantly on the lookout for suspicious activity and ready to aggressively defend against attack
# Blocks malicious activity from the source of the attack and denies improper access while leaving legitimate traffic unaffected
# Alerts users attempted attacks and logs all suspicious activity so that sophisticated users or service providers can identify and neutralize the threat at its source
# Secures dial-up, DSL, or cable modem Internet connections 24 hours a day, 365 days a year
Avatar of Tolomir
Tolomir
Flag of Germany image

Here is a link to the shareware version:

http://www.softsea.com/review/BlackICE-Server-Protection.html
Security
Security

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection. Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

32K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
Ask the experts
Read over 600 more reviews

TRUSTED BY

IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo