Error 4625 "An account failed to log on"

Using a Win2008 server with RDS active. Getting numerious Error 4625 on the server. As of the last 2 days, there were 11,850 attempts. Our domain (DNS & DHCP) are handled on a SBS Win2003 server; the Win2008 is doing the heavy lifting.
Our intent is to move all functions over to the Win2008 server and disconnect the Win2003 server. The firewall is currently on the Win2003 server.
What steps can we take?
deanindAsked:
Who is Participating?
 
BlueComputeCommented:
Is RDP exposed to the internet?  Chances are it is getting brute-force attacked by an automated process.  One option would be to implement Terminal Services Gateway - this means you only open 443 rather than 3389, which gets a lot of attacks.  Also review: http://security.stackexchange.com/questions/17352/win-server-2008-rdp-attack
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.