I have a bit of a dilema; I am running SBS2003 with ISA2004. The SBS SQL Server is hosting an application over port 1433 of which is redirected by ISA to a SQL Server 2005 installation. I have a rather long list of IP addresses that have attempted to break-in using the SA account user/password. As I have noted the breakin attempt, I have added the IP address to a Hacker Network Interface created in ISA to deny access to the network.
Aside from neutering the SA username & password any suggestions within ISA to stop or mitigate the threat? I thought of assigning a different port but that seems to be a short-term solution.
Any suggestions would be welcome.