My users work on TSWEB Access on one of my server 2008 carrying a couple of databases. They simply go to 'http://server.domainname.com'
and logon and work. Recently I have found too many log on attemts made with fake usernames and pass via the security event 4625. I further found that anybody can directly remote into the server via external IP.
Does remote desktop and TSWebaccess go hand in hand? How can I disable so that fake users will not be able to put the external IP in the direct remote desktop and try to connect to this server, but my domain users still should be able to see my TSwebaccess site at :