server unable to logon the Windows NT account
Posted on 2007-08-02
This is an 2003 SBS enviroment.
In the event logs Ive been receiving the following error approx once a minute
The server was unable to logon the Windows NT account 'USER' due to the following error: Logon failure: unknown user name or bad password. The data is the error code.
Now, I do have a basic understanding of what this error messages entails, BUT the "USER" keeps changing, and none of the names are actual usernames for employees at the company. (This error has en logged 1000s of times with usernames like, Bill, Jane, George, Linda etc etc. )
So it appears that someone is trying to access my server via IIS? What safeguards can we impliment outide of our current firewall system.