: Are these hacking attempts or something less sinister? I just had a look through our web server error logs, and Terminal services is reporting: "Remote session from client name a exceeded the

I just had a look through our web server error logs, and Terminal services is reporting:

"Remote session from client name a exceeded the maximum allowed failed logon attempts. The session was forcibly terminated."

Hundreds of times, every 10.5 seconds or so for a period of about 5-10 minutes, once at 2pm yesterday and once again at about 1am this morning.

We CURRENTLY have RDP open to the outside, as I am just completing the setup and now and then I/Others need to jump on from an outside office/location (VPN isn't an option)

As these are so regular, am I right in assuming that they may be the result of some sort of dictionary attack? or could something like an internal admin's hung session cause such a mass of events?

(Win Server 2008 R2)

10.01% popularity Vote Up Vote Down

: Auto-apply a role to new phpBB user with password or code Is there a way, with phpBB to have a new user enter a password which would automatically move them into a specific role? I'd like

@Dunderdale272

Posted in: #Forum #Phpbb #Registration

0 Comments

: How to add rss feed to website Actually, i want to add rss feed to my website which can be read by google reader. For this what all should i do? I use php to create my website and i

@Dunderdale272

Posted in: #Rss #Xml

1 Comments

: Magento custom content types What is the best way to manage custom content types (like in Drupal) in Magento Community? For example I want to make a catalog of jobs (name, desc, image) or

@Dunderdale272

Posted in: #Magento

2 Comments

: How does Google detect duplicate content? have a quick question about duplicate content. How does google work this all out? In that on my pages I have a form on each page with the same bit

@Dunderdale272

Posted in: #DuplicateContent #GoogleSearch #Seo

3 Comments

Login to post a comment!

1 Comments

Sorted by latest first Latest Oldest Best

@Margaret670

Yeah, sounds like it. Normally in the logs it will advise of an IP address, this may be a good indicator.

I had almost identical (but mine was via a SQL Server weakness and an open port), in the end the attacks were so constant it stole all the bandwidth (port flooding I think is the term)

10% popularity Vote Up Vote Down

Feed

: Are these hacking attempts or something less sinister? I just had a look through our web server error logs, and Terminal services is reporting: "Remote session from client name a exceeded the

More posts by @Dunderdale272

: Auto-apply a role to new phpBB user with password or code Is there a way, with phpBB to have a new user enter a password which would automatically move them into a specific role? I'd like

: How to add rss feed to website Actually, i want to add rss feed to my website which can be read by google reader. For this what all should i do? I use php to create my website and i

: Magento custom content types What is the best way to manage custom content types (like in Drupal) in Magento Community? For example I want to make a catalog of jobs (name, desc, image) or

: How does Google detect duplicate content? have a quick question about duplicate content. How does google work this all out? In that on my pages I have a form on each page with the same bit

Login to post a comment!

1 Comments

Back to top | Use Dark Theme