I have a cloud server where I am hosting a website. It is a Windows Server 2012 R2. Recently I noticed a message in my account control panel saying something like this:
"CRITICAL NETWORK - 384 kbit/s received 12.11 MBit/s transfered"
This is the first time I received a message like this. The server has been operating since 2015.
I am not a network administrator so I do not really know how to proceed. So, I will very much appreciate any support/help you can provide to find out what is going on.
I had watched the Network Activity in Task Manager and I am attaching a screenshot just as a reference. Maybe I need to go over log files but I a not sure which ones are the correct to review and how to proceed.
For example, I watched the System log and I see error entries like this:
"A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 1203."
I found the error below in the Administrative Events log:
"The RD Session Host server received large number of incomplete connections. The system may be under attack."
Something I should say is that I use Remote Desktop to connect to my cloud server.