Critical Errors in Security Log

Hi,

I dont have a machine called Workstation1, so I'm not sure what this is for?

Any ideas?

Logon Failure:
       Reason:      Unknown user name or bad password
       User Name:       
       Domain:       
       Logon Type:      3
       Logon Process:      NtLmSsp
       Authentication Package:      NTLM
       Workstation Name:      WORKSTATION1
       Caller User Name:      -
       Caller Domain:      -
       Caller Logon ID:      -
       Caller Process ID:      -
       Transited Services:      -
       Source Network Address:      92.9.65.68
       Source Port:      0
Wicked-WebsitesAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Wicked-WebsitesConnect With a Mentor Author Commented:
Hi,

I'm running bullguard directly on the server, and then I have a Netgear DG834G Router
0
 
JoWickermanCommented:
Hi

This is what I've found:

"Windows logs logon type 3 in most cases when you access a computer from elsewhere on the network. One of the most common sources of logon events with logon type 3 is connections to shared folders or printers. But other over-the-network logons are classed as logon type 3 as well such as most logons to IIS."

Do you host a website maybe?
0
 
Wicked-WebsitesAuthor Commented:
Hey,

Nope not hosting a website, but I think it is from people trying to gain access in the server, because I had over 2000 attempts to logon with administrator...

also someone tried JEFF nearly 1000 times too, and there is no-one called jeff work there :)

Is there a way to block repeat logon attempts?
0
 
JoWickermanCommented:
Yeah, there is. You can block the IP from the attempted connection on your firewall.

What type of firewall are you running?
0
 
JoWickermanCommented:
Hi,

I can't seem to find any information on your products on how to block external IP's. Do you still have the original documentation?

Bullguard says that it automatically blocks intruder attempts, but it does not seem the case...
0
All Courses

From novice to tech pro — start learning today.