Login attacks from masked IP address

[Guest WinoWally]

Our server (Server 2003 SP2) receives hundreds of attempted logins to the

administrator account from masked IP sources. Is there a way to deny masked

IP access to the server?

 

Thanks for any suggestions.

[Guest Thee Chicago Wolf]

Re: Login attacks from masked IP address

 

>Our server (Server 2003 SP2) receives hundreds of attempted logins to the

>administrator account from masked IP sources. Is there a way to deny masked

>IP access to the server?

>

>Thanks for any suggestions.

 

I don't see why you couldn't set some kind of ACL on either your

router or from a list of "allowed" IPs. That way the attackers

wouldn't even get to the (I'm assuming) DMZ facing login web page or

prompt. How are they trying to log in (telnet, ftp, ssh, RDP, etc)?

 

- Thee Chicago Wolf