Re: Block clients from accessing domain controllers

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: Rob McShinsky (Anonymous_at_List.com)
Date: 04/13/04 

Date: Tue, 13 Apr 2004 10:23:05 -0400

Yes there is something missing. We have 6000 desktops/laptops and our team
does not manage the network or at times are not the admins for the machines.
The time it takes to disconnect a port at a remote site while there are 30
or 40 other machines hammering away is often too long. I want to be able to
stop the machine in the interum.

"Steve Parry" <k100rs_1990@nospamhotmail.com> wrote in message
news:%23Q%23AGtVIEHA.1220@tk2msftngp13.phx.gbl...
>
>
> "Rob McShinsky" <Anonymous@List.com> wrote in message
> news:uE68PkVIEHA.1412@TK2MSFTNGP12.phx.gbl...
>> I am looking for a quick and dirty way to block identified clients both
>> inside and outside the domain from making logon attempts to the domain
>> controller. We have had some internal problems with variant of the
>> Gaobot
>> virus which try feverishly to use its list of username and passwords
> against
>> the domain controller. We have seen upwards of 200000 failed logon
> attempts
>> in 15 minutes. This is causing a type of denial of service situation
> where
>> the domain controllers at out main site are getting loaded so much that
>> logon requests are being sent to DC's at different AD sites across slower
>> links. Any thoughts would be helpful.
>>
>> Rob McShinsky
>>
>>
>
> If you've identified the clients can you not just pull their network cable
> and fix them or have I missed something?
>
>

Relevant Pages

  • Re: Local Security Policy in Windows XP Home
    ... the logon profiles and have disabled the guest account. ... It's a network component that should be checked ... >> machines and a 2Wire router. ... I can access shared files from Charlie to Alpha ...
    (microsoft.public.security)
  • Re: Losing Mapped Drives
    ... "Windows cannot obtain the domain controller name for your computer ... (The specified domain either does not exist or could not be ... There are currently no logon servers available to service the logon ... Make sure that the computer is connected to the network and try again. ...
    (microsoft.public.windows.server.general)
  • Re: intermittent problems with software install via GPO
    ... netdiag on one of the problem machines. ... > No Domain Controller is available for domain LONGWOOD due to the ... > There are currently no logon servers available to service the logon ...
    (microsoft.public.win2000.security)
  • Odd Logon Delay with 2byte transfers
    ... authenticating domain controller is on a gigabit link to the respective ... member servers (campus network). ... the logon process, "Applying Registry settings" appears to last the absolute ... Because it is inconsistent, it is proving very hard to determine progress. ...
    (microsoft.public.windows.server.active_directory)
  • Re: not prompting for password change
    ... server because it is never used by anyone in Australia. ... Network Hardware like the switch or NIC. ... Could it really be a NIC as this is happening on multiple machines? ... All of these machines can get to the domain controller, ...
    (microsoft.public.win2000.active_directory)