Re: Hacker trying to get into our network
- From: Susan Bradley <sbradcpa@xxxxxxxxxxx>
- Date: Sun, 02 Mar 2008 12:48:59 -0800
Arretium wrote:
Additional info, here is what is showing up in my security log:First off if you have an open port, there will be pings. It's a part of life. If your passwords for remote access are long and strong, it doesn't matter how many times they try to knock on your door, you are still behind a strong password.
Security 529 3/2/2008 8:19 AM 11 *
Logon Failure:
Reason: Unknown user name or bad password
User Name: administrator
Domain: (my server's outside IP address)
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: CHINAIPS-1013A
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: 121.14.136.101
Source Port: 4239
I noticed that for Domain it listed my server's IP address. Is there
a reason he listed my IP address and not the name of my domain? Does
it matter?
Now then what kind of firewall do you have?
If you want more protection to the admin account, use www.authanvil.com for two factor on that admin account.
If you have email open to port 25 and this pinging bothers you, look into www.exchangedefender.com and filter the mail and limit the SMTP to just the outsourced email filter IP addresses.
.
- Follow-Ups:
- Re: Hacker trying to get into our network
- From: Arretium
- Re: Hacker trying to get into our network
- References:
- Hacker trying to get into our network
- From: Arretium
- Re: Hacker trying to get into our network
- From: Arretium
- Hacker trying to get into our network
- Prev by Date: Issues accessing shares
- Next by Date: Re: Getting trial in the UK
- Previous by thread: Re: Hacker trying to get into our network
- Next by thread: Re: Hacker trying to get into our network
- Index(es):
Relevant Pages
|
