Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

terminal server attack from specific IP addresses

Posted on 2013-01-23
1
Medium Priority
?
645 Views
Last Modified: 2013-01-25
We have a Sonicwall for firewall and win 2k3 and win 2k8 terminal servers.

Someone is trying to access our terminal servers  using the "admin" user name along with other user names.  So far access has been denied but I know the specific IP addresses that are trying to attack us....Is there anything I can do to block these particular IP Addresses?

Also, the ports that are being used to try to gain access are different every time.
Any and all advice/help would be greatly appreciated!
0
Comment
Question by:Lamrski
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 40

Accepted Solution

by:
als315 earned 2000 total points
ID: 38810939
You can add blocking rule for this IP address. Sample you can find here:
https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=5973

You can also determine ISP, where this address is:
http://whois.domaintools.com/
and write a letter to ISP's contact address, descrbing situation.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
What we learned in Webroot's webinar on multi-vector protection.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question