2

How to block login attempts with the Windows firewall?

view full story
linux-howto

http://serverfault.com – Which service(s) (or ports) should I block in the Windows firewall (for all except my own ip's) to stop these brute force login attempts? I noticed at least two different kinds of login "types" in the event viewer: 1. Process Information: -- Detailed Authentication Information: Logon Process: User32 Authentication Package: Negotiate 2. Process Information: Caller Process ID: 0x14cc Caller Process Name: C:\Windows\System32\winlogon.exe Detailed Authentication Information: Logon Process: NtLmSsp Authentication Package: NTLM (HowTos)