• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 517
  • Last Modified:

Error 4625 "An account failed to log on"

Using a Win2008 server with RDS active. Getting numerious Error 4625 on the server. As of the last 2 days, there were 11,850 attempts. Our domain (DNS & DHCP) are handled on a SBS Win2003 server; the Win2008 is doing the heavy lifting.
Our intent is to move all functions over to the Win2008 server and disconnect the Win2003 server. The firewall is currently on the Win2003 server.
What steps can we take?
0
deanind
Asked:
deanind
1 Solution
 
BlueComputeCommented:
Is RDP exposed to the internet?  Chances are it is getting brute-force attacked by an automated process.  One option would be to implement Terminal Services Gateway - this means you only open 443 rather than 3389, which gets a lot of attacks.  Also review: http://security.stackexchange.com/questions/17352/win-server-2008-rdp-attack
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now