troubleshooting Question

How can I stop random login attempts against my Windows Server 2008 R2?

Avatar of Jim Klocksin
Jim KlocksinFlag for United States of America asked on
Windows Server 2008* remote app
9 Comments1 Solution273 ViewsLast Modified:
I had this question after viewing Tracking down source of Event ID:  4625 on Windows 2008R2 server.

I'm getting literally hundreds of attempted logins (all of which fail) showing the same Event ID (4625), but, in my case, each attempt shows a different LOGINNAME (e.g. JESUS, LISA, MARIA, the list goes on and on....).  My situation is very similar to the prior question, but I have no idea what to do and the "solution" as stated in the prior question (a "rogue" device) is not the issue....below is a screen shot of my event viewer.

Event-Viewer---Security-Audit-Failur.jpg
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 9 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 9 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros