473,406 Members | 2,633 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > iis / internet information server > questions > login attacks, logon process: iis - help

Join Bytes to post your question to a community of 473,406 software developers and data experts.

login attacks, logon process: IIS - help

I'm running IIS6 Windows2003, and as you'll see very quickly.. I'm pretty new to this stuff.
Lately I've been getting bombarded with login attempts.... sometimes several in the same second, and it can last for hours. The event viewer shows the following information for the failed login:

Logon Failure:
Reason: Unknown user name or bad password
User Name: Admin
Domain: AXXXXX
Logon Type: 8
Logon Process: IIS
Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Workstation Name: BXXXXX (my server's name)
Caller User Name: BXXXXX$
Caller Domain: AXXXXX (my domain)
Caller Logon ID: (0x0,0x3E7)
Caller Process ID: 1812
Transited Services: -
Source Network Address: -
Source Port: -

I don't know much about the authentication process... but what is the significance of 'Logon Process: IIS' ? It seems to me that they're just trying to login into the server itself... like somebody would remotely log in to a server. Does this mean they're logging in to IIS itself? I'm confused.... Also, any advice on dealing with these attacks, or finding out useful information (like finding the ip address that its coming from) would be greatly appreciated.
Aug 8 '08 #1
1 3947
kenobewan
4,871 Expert 4TB
Either they are programmatically trying to crack your admin account or bring your server down.

Don't have an admin account available through your application, operate on least privilege and capture data about them - IP etc. Lock accounts after three attempts. With IP you can also capture limit the number of requests from them and redirect them each time after that, for a certain time period if you wish. You may also want to check out your throttling and buffering methods.

IIS is involved whenever a web application is accessed, prior to the request reaching the application.
Aug 9 '08 #2

Sign in to post your reply or Sign up for a free account.

Similar topics

3
HELP W/ PHP Session Login App
by: neilphan | last post by:
Hi Guys, Please HELP! I'm new to PHP and would like to get your professional help! I"m writing simple and small login app using php session variable. I have 3 php scripts. The first is just a...
PHP
23
Login failed for user null occurs after a period of time
by: cerilocke | last post by:
I have an identical SQL database on two machines (my machine and a web server) that links to a database on a third server (S3). When I execute a stored procedure on my machine that accesses a...
Microsoft SQL Server
0
login errors editing remote pages
by: Karl Lang | last post by:
Hi I'm trying to edit pages from inside Visual Studio 2002 on a remote server Windows 2000 using FrontPage extensions. Its been working fine for quite a few weeks but since a problem with the...
ASP.NET
10
Preventing login as 'NT AUTHORITY\ANONYMOUS LOGON'
by: et | last post by:
I have an asp.net program that uses a connection string, using integrated security to connect to a sql database. It runs fine on one server, but the other server gives me the error that "Login...
ASP.NET
4
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON
by: Buggyman | last post by:
Hi, I'm having problems with good old error... Login failed for user 'NT Authority\Anonymous logon'. The default web page comes up fine, but when the user attempts to log in (which checks...
ASP.NET
6
Classic ASP - Custom Login Page - Redirects to Windows Auth websit
by: =?Utf-8?B?UGFyYWcgR2Fpa3dhZA==?= | last post by:
Hi All, We have a requirement where we have to develop a custom Login Page which will accept user's NT credentials ( Username , password, domain name). This then needs to be passed to a website...
ASP / Active Server Pages
19
Proposal for Lite Encryption for Login Form without SSL
by: klenwell | last post by:
Another request for comments here. I'd like to accomplish something like the scheme outlined at this page here: http://tinyurl.com/3dtcdr In a nutshell, the form uses javascript to hash...
PHP
13
JodiPhillips
Extension of LogIn Table to display form based on user status
by: JodiPhillips | last post by:
G'day, I have a silly and simple problem that I need some guidance with. Due to the way our network is set up, I am unable to use the group permissions for Access and have had to implement log...
Microsoft Access / VBA
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!