W
William A. Sempf
Hi, everyone. Don't usually frequent this group, hope you don't mind me
barging in.
A client has a Windows 2000 web server that is patched on time, every time.
One week ago, the Security log started showing someone attempting a login on
all users accounts, 30 times each, and failing.
Obviously, someone got the user list. I am assuming they used a badly coded
web page to access a username with XSS, then got into the registry from
there. Question is, what can I do about it?
Thanks in advance for any input you have.
barging in.
A client has a Windows 2000 web server that is patched on time, every time.
One week ago, the Security log started showing someone attempting a login on
all users accounts, 30 times each, and failing.
Obviously, someone got the user list. I am assuming they used a badly coded
web page to access a username with XSS, then got into the registry from
there. Question is, what can I do about it?
Thanks in advance for any input you have.