P
Paul Proefrock
We had a recent entry in our Security Log, showing someone had tried to log
on remotely with a user name not in our system. The log said they tried
repeated passwords. The user name they attempted was "webmaster"
This smells fishy to me and I am curious if I should take any additional
steps to maintain our security. We do not use a domain name but a IP
address for our box so someone would have to know the address to hit it. We
have locked down all ports except those necessary for our VPN and RWW/Remote
Access. Our passwords are the secure type but we don't change them
regularly. There are five users on the system and no one has left the
company that would point at a disgruntled ex-employee.
Should I be doing anything else? Our SBS2003 SP1 box sits behind a Linksys
router with 2 NIC cards. Typical 192.168.1.1 outside addresses,
192.168.16.xxx inside addresses. The passwords into the router and server
are 9 character alpha/numeric/symbol so are relatively secure.
Suggestions or should I be concerned?
Thanks
Paul P
on remotely with a user name not in our system. The log said they tried
repeated passwords. The user name they attempted was "webmaster"
This smells fishy to me and I am curious if I should take any additional
steps to maintain our security. We do not use a domain name but a IP
address for our box so someone would have to know the address to hit it. We
have locked down all ports except those necessary for our VPN and RWW/Remote
Access. Our passwords are the secure type but we don't change them
regularly. There are five users on the system and no one has left the
company that would point at a disgruntled ex-employee.
Should I be doing anything else? Our SBS2003 SP1 box sits behind a Linksys
router with 2 NIC cards. Typical 192.168.1.1 outside addresses,
192.168.16.xxx inside addresses. The passwords into the router and server
are 9 character alpha/numeric/symbol so are relatively secure.
Suggestions or should I be concerned?
Thanks
Paul P