recently install express version and today notice in event log a lot of logon attempts it seems. Then they stop and they are a lot of success, now the afilures are from an IP I dont know of. Also looking at the success on it says now I or nobody has made any connections to the server. I'm a little confused as to what is going on possible someone trying to hack in?
Is there a way to only allow 3 logon attemps per ip?
Login succeeded for user 'GREGSON\Administrator'. Connection made using Windows authentication. [CLIENT: <local machine>]