Re: Failed login attempts, anything else I can do?
- From: Holz <none@xxxxxxxx>
- Date: Mon, 11 Feb 2008 08:22:32 -0800
Homer Jay wrote:
Recently I have started noticing failed login attempts to my server, theseDo you know if the attempts are internal or external?
are the usual attemps at trying to login with various usernames (local,
consumer, admin etc). I am not hugely stressed over these as I believe
that since I can see them as failed, the hacker is not able to get into
the server.
But, I am wondering if there is anything else I can do to secure the
server. I have changed the admin name, the only services/ports that are
open are ones needed for RWW, OWA etc, I have it set to lock users after 3
failed logins, turned on auditing and implemented a (hopefully) pretty
decent password policy (although I need to do some user educating on
this).
Are there any others tips/tricks that I can use to help make my server
just that bit extra secure?
Thanks.
What type of perimeter security do you have? ISA Installed?Hardware
firewall?
Also make sure your password complies with the complex guidelines, add a
little bit to that as suggested in the past threads here, something like 15
characters. Firefox has a nice extension called secure password which can
generate some nice passwords.
--
:-)
.
- Follow-Ups:
- Re: Failed login attempts, anything else I can do?
- From: Homer Jay
- Re: Failed login attempts, anything else I can do?
- From: Larry Struckmeyer
- Re: Failed login attempts, anything else I can do?
- References:
- Failed login attempts, anything else I can do?
- From: Homer Jay
- Failed login attempts, anything else I can do?
- Prev by Date: Failed login attempts, anything else I can do?
- Next by Date: Re: Company Web and ISA issue
- Previous by thread: Failed login attempts, anything else I can do?
- Next by thread: Re: Failed login attempts, anything else I can do?
- Index(es):
Relevant Pages
|
