Solved

terminal server attack from specific IP addresses

Posted on 2013-01-23
1
630 Views
Last Modified: 2013-01-25
We have a Sonicwall for firewall and win 2k3 and win 2k8 terminal servers.

Someone is trying to access our terminal servers  using the "admin" user name along with other user names.  So far access has been denied but I know the specific IP addresses that are trying to attack us....Is there anything I can do to block these particular IP Addresses?

Also, the ports that are being used to try to gain access are different every time.
Any and all advice/help would be greatly appreciated!
0
Comment
Question by:Lamrski
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 40

Accepted Solution

by:
als315 earned 500 total points
ID: 38810939
You can add blocking rule for this IP address. Sample you can find here:
https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=5973

You can also determine ISP, where this address is:
http://whois.domaintools.com/
and write a letter to ISP's contact address, descrbing situation.
0

Featured Post

[Webinar] Code, Load, and Grow

Managing multiple websites, servers, applications, and security on a daily basis? Join us for a webinar on May 25th to learn how to simplify administration and management of virtual hosts for IT admins, create a secure environment, and deploy code more effectively and frequently.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Rogue RDP Connections 5 103
encrypt SQL Server 2008 port 1433 3 41
Building highly redundant OnPremise ADFS service ? 15 60
security, windows patches update 17 32
No single Antivirus application (despite claims by manufacturers) will catch or protect you from all Virus / Malware or Spyware threats. That doesn't stop you from further protecting yourself however - and this article is to show you how.
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question