Lately I get these quite a lot.
I suspect someone is trying to get in with remote desktop.
is that right?
I have changed the admin password, and we are behind a hardware firewall.
I did ip traces, and they always come from the UK and the USA.
should I report these? How can I do this?
I called my local police here and they say they cannot do anything if it does not originate from within my country (Belgium)
Critical Errors in Security Log
Source Event ID Last Occurrence Total Occurrences
Security 529 3/01/2010 4:59 597 *
Reason: Unknown user name or bad password
User Name: admin
Logon Type: 10
Logon Process: User32
Authentication Package: Negotiate
Workstation Name: SBSCORRUTECH
Caller User Name: SBSCORRUTECH$
Caller Domain: CORRUTECH
Caller Logon ID: (0x0,0x3E7)
Caller Process ID: 6036
Transited Services: -
Source Network Address: 18.104.22.168
Source Port: 48107