Link to home
Start Free TrialLog in
Avatar of amanzoor
amanzoorFlag for Canada

asked on

server 2008 and TSWEB access and making it secure

Hi there,
My users work on TSWEB Access on one of my server 2008 carrying a couple of databases.  They simply go to 'http://server.domainname.com' and logon and work.  Recently I have found too many log on attemts made with fake usernames and pass via the security event 4625.  I further found that anybody can directly remote into the server via external IP.  
Does remote desktop and TSWebaccess go hand in hand?  How can I disable so that fake users will not be able to put the external IP in the direct remote desktop and try to connect to this server, but my domain users still should be able to see my TSwebaccess site at :
http://server.domainname.com'
Help
ASKER CERTIFIED SOLUTION
Avatar of Glen Knight
Glen Knight
Flag of United Kingdom of Great Britain and Northern Ireland image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of amanzoor
amanzoor
Flag of Canada image

ASKER

THanks Demazter:
Please tell me one thing, once the user type in http://server.mydomain.com, the very first window pops in which is windows security which asks for username and password (which program is sending in this window?  Is it IIS or something else?)  secondly once the user logs in via this window the user sees my TS Web ACCESS page with applications on it, once the user clicks on once of the apps another windows pops up asking for username and pass(this time is it the terminal server asking for authentication? or IIS?
Avatar of Darius Ghassem
Darius Ghassem
Flag of United States of America image
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.