This past weekend, my website went down. After putting my (outsourced) server admin company, they told me there had been a brute force attack, and that they blocked the IP that it originated from. My site is an asp.net one running on Windows Server.
I have a few questions, and please keep in mind I'm not a server maven when answering!
1. How does a brute force attack shut down a website? I understand ddos, but isn't a brute force attack just one ip trying many many user/password combos to try and get through to my server?
2. Are there any ways to protect a server from brute force attacks?
3. Where in my server can I see this attack? I.e. is there a log of all attempted logins?