login failure with different id

General (Technical, Procedural, Software, Hardware etc.)

Last Post by keydet89 7 years ago

2 Posts

2 Users

0 Reactions

707 Views

RSS

afsfr

(@afsfr)

Eminent Member

Joined: 7 years ago

Posts: 37

Topic starter 12/12/2018 7:53 am

we encounter issue, we find there are multiple failed login in our windows AD server, source ip are all external, port are all random, user id are all different and seems like brute force attack, is there any way we can setup windows 2012 server to disallow external ip login? any idea how firewall can be bypassed in such case?

Quote

keydet89

(@keydet89)

Famed Member

Joined: 21 years ago

Posts: 3568

12/12/2018 11:56 am

> … is there any way we can setup windows 2012 server to disallow external ip login?

You're reported that the login attempts have all failed…as such, it would seem that the server is disallowing the attempts.

> any idea how firewall can be bypassed in such case?

There is nothing in your initial post to indicate that the firewall was bypassed. Is it possible that you don't have the firewall enabled?

ReplyQuote

8 Forums
15.7 K Topics
92.3 K Posts
265 Online
41.1 K Members

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed