troubleshooting Question

how to find out suspicious atta is on default rdp port 3389 on server ?

Avatar of Mr.X
Mr.X asked on
Windows Server 2012Windows Server 2008Windows Server 2003
5 Comments2 Solutions51 ViewsLast Modified:
got a server 2012
got a port forwarding to the server to  access from external . it’s just using default internal port 3389 on server
if I want to find out is there any suspicious attacks going on my rdp port . how do I find out? any particular event Id I need to look for ?
David Johnson, CD
The More I know, the more I don't know
Join our community to see this answer!
Unlock 2 Answers and 5 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 5 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros