amanzoor
asked on
server 2008 and TSWEB access and making it secure
Hi there,
My users work on TSWEB Access on one of my server 2008 carrying a couple of databases. They simply go to 'http://server.domainname.com' and logon and work. Recently I have found too many log on attemts made with fake usernames and pass via the security event 4625. I further found that anybody can directly remote into the server via external IP.
Does remote desktop and TSWebaccess go hand in hand? How can I disable so that fake users will not be able to put the external IP in the direct remote desktop and try to connect to this server, but my domain users still should be able to see my TSwebaccess site at :
http://server.domainname.com'
Help
My users work on TSWEB Access on one of my server 2008 carrying a couple of databases. They simply go to 'http://server.domainname.com' and logon and work. Recently I have found too many log on attemts made with fake usernames and pass via the security event 4625. I further found that anybody can directly remote into the server via external IP.
Does remote desktop and TSWebaccess go hand in hand? How can I disable so that fake users will not be able to put the external IP in the direct remote desktop and try to connect to this server, but my domain users still should be able to see my TSwebaccess site at :
http://server.domainname.com'
Help
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
ASKER
Please tell me one thing, once the user type in http://server.mydomain.com, the very first window pops in which is windows security which asks for username and password (which program is sending in this window? Is it IIS or something else?) secondly once the user logs in via this window the user sees my TS Web ACCESS page with applications on it, once the user clicks on once of the apps another windows pops up asking for username and pass(this time is it the terminal server asking for authentication? or IIS?