Re: Block clients from accessing domain controllers
From: Rob McShinsky (Anonymous_at_List.com)
Date: 04/13/04
- Next message: Marina Roos [SBS-MVP]: "Re: Remote administration"
- Previous message: CL: "HELP - Organization Unit Disappeared - Active Directory"
- In reply to: paisher: "Block clients from accessing domain controllers"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 13 Apr 2004 12:32:18 -0400
A little too dirty. That would shutdown the other 5000 people who do not
have the virus on their machine.
"paisher" <anonymous@discussions.microsoft.com> wrote in message
news:1761801c42169$45817050$a001280a@phx.gbl...
>
>>-----Original Message-----
>>I am looking for a quick and dirty way to block
> identified clients both
>>inside and outside the domain from making logon attempts
> to the domain
>>controller. We have had some internal problems with
> variant of the Gaobot
>>virus which try feverishly to use its list of username
> and passwords against
>>the domain controller. We have seen upwards of 200000
> failed logon attempts
>>in 15 minutes. This is causing a type of denial of
> service situation where
>>the domain controllers at out main site are getting
> loaded so much that
>>logon requests are being sent to DC's at different AD
> sites across slower
>>links. Any thoughts would be helpful.
>>
>>Rob McShinsky
>>
>>
>>.
>>Close port 88? Disable or stop the authentication
> service.
- Next message: Marina Roos [SBS-MVP]: "Re: Remote administration"
- Previous message: CL: "HELP - Organization Unit Disappeared - Active Directory"
- In reply to: paisher: "Block clients from accessing domain controllers"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
