Solved

How to stop brute force attacks on our TFS 2010 going through our reverse proxy?

Posted on 2011-03-06
1
723 Views
Last Modified: 2013-11-25
I have setup TFS 2010 to connect to the internet via our reverse proxy.  Now I would like to stop brute force attacks to ban ip addresses that keep trying to 'guess' passwords.  Is this an IIS change or a reverse proxy change?  If it is a IIS change what do I need to do to stop people from guess TFS passwords?
0
Comment
Question by:IandINSW
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 23

Accepted Solution

by:
Admin3k earned 250 total points
ID: 35081187
- USE complex passwords whenever possible.
- Always Use HTTPS for Published TFS implementations
-Block the offensive IPs using IIS

http://www.winserverhelp.com/2010/07/creating-ip-address-restrictions-in-iis/
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

INTRODUCTION Subversion is a fantastic version management and software configuration management tool for teams and individuals to manage software applications. It offers many advantages over it's CVS ancestor such as it's built-in compatibility w…
Article by: gr8gonzo
Git can be a complicated version control system for beginners, but it definitely is one of the best ones out there. Since this article assumes that you're starting at square one, it will skip over things that Git -can- do and will focus on the typic…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question