troubleshooting Question

How can I stop random login attempts against my Windows Server 2008 R2?

Avatar of Jim Klocksin
Jim KlocksinFlag for United States of America asked on
Windows Server 2008* remote app
9 Comments2 Solutions274 ViewsLast Modified:
I had this question after viewing Tracking down source of Event ID:  4625 on Windows 2008R2 server.

I'm getting literally hundreds of attempted logins (all of which fail) showing the same Event ID (4625), but, in my case, each attempt shows a different LOGINNAME (e.g. JESUS, LISA, MARIA, the list goes on and on....).  My situation is very similar to the prior question, but I have no idea what to do and the "solution" as stated in the prior question (a "rogue" device) is not the issue....below is a screen shot of my event viewer.

David Johnson, CD
The More I know, the more I don't know
Join our community to see this answer!
Unlock 2 Answers and 9 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 9 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros