?
Solved

Remote session from client name a exceeded the maximum allowed failed logon attempts. The session was forcibly terminated.

Posted on 2011-09-13
6
Medium Priority
?
10,948 Views
Last Modified: 2013-11-21
I am a technician for a IT support company.  Most of my clients have one server that is a DC and up to 30 workstations.  

Recently all the servers have had the following event:

Remote session from client name a exceeded the maximum allowed failed logon attempts. The session was forcibly terminated.

The problem with this event is that no one connects using terminal services or RDP within the site or from off site.  

I am not sure if someone is trying to hack in or not.  We as a company to have RDP capablities to our clients sites, but no one from our company was trying to remote in at the times the event take place.  

The event happens every six seconds for about an hour several time through out the day and night.
0
Comment
Question by:syntec
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 14

Expert Comment

by:setasoujiro
ID: 36529843
you say you have RDP to the client, does that mean that the server is just floating around with RDP open on the internet?
0
 

Author Comment

by:syntec
ID: 36529881
It depends on what you mean by floating around?  I wouldn't say it is open.
0
 

Author Comment

by:syntec
ID: 36530045
We use  a dns name to access the ip address and have RDP forwarded to the server.
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Comment

by:syntec
ID: 36530619
hack attempts are being made.  What is a better way to set up remote access?
0
 
LVL 1

Accepted Solution

by:
makyj earned 2000 total points
ID: 36533763
Depends on which version your DC is running.

You could

a)  Set up a RD Gateway on your (assuming) exchange server (need Server08 as a minimum IIRC) - this is seamless to the user RDPing in, and works well
b)  Set up TS Web Access (need Server08 as a minimum IIRC)
b)  VPN in and then RDP to server (works well in pre-Server08 OS)
c)  Change the port number of RDP to eg 33891 (not the best option, but a quick fix...)

Hope that helps...
0
 
LVL 14

Expert Comment

by:setasoujiro
ID: 36534116
you should NEVER leave rdp open to the internet, not on another port or anything.

makyj is right about the RDG
But I would advise buying a small hardware firewall, which can do VPN as well
example Watchguard XTM22 (costs around 600$)

and if that really isn't an option, then you better use something like logmein , this way you're "secured"
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

At the beginning of the year, the IT world was taken hostage by the shareholders of LogMeIn. Their free product, which had been free for ten years, all of the sudden became a "pay" product. Now, I am the first person who will say that software maker…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
Suggested Courses
Course of the Month12 days, 23 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question