S
Steve Everington
Hello
I have been getting a series of (a few hundred) failed login attempts in the
early hours of the morning (a series of 529 & 681 login failure security
events). The 529 entry has a login in type of 3, which I believe is a
network login and the workstation name is the server's name.
Is there a way of telling whether the events are being caused by attempted
logins on my VPN or by a trojan/virus running on my server or some other
source?
Thanks
Steve Everington
I have been getting a series of (a few hundred) failed login attempts in the
early hours of the morning (a series of 529 & 681 login failure security
events). The 529 entry has a login in type of 3, which I believe is a
network login and the workstation name is the server's name.
Is there a way of telling whether the events are being caused by attempted
logins on my VPN or by a trojan/virus running on my server or some other
source?
Thanks
Steve Everington