Skip to content
View in the app

A better way to browse. Learn more.

Thailand News and Discussion Forum | ASEANNOW

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Event Viewer - Application (Windows Server 2003)

Featured Replies

Hi

Our server (Win 2003) is hosted in the UK. I have a dedicated IP address here in Bangkok and our server's configured to only allow access from that IP.

Today I checked the Event Viewer - Application and found that, over the past two days, there have been more that 30,000 attempts to log onto our database. They all appear to have failed. The IP address of every (30+) event I checked was hosted in China.

I will be contacting my UK hosting company when they wake up, but I was hoping for some additional insight before then.

My real questions are: If our server is configured to only allow access from my IP then how come all these log on attempts are being made? Is there any additional defense that I should be employing? Will this constant log on attempts slow down the database/server (logic suggests that it would)?

Cheers

Mick

Edited by bkkmick

Several years ago I ran a server on MS Server 2003 and had exactly the same issue you describe - 10,000 plus attempts (at a time) trying multiple combinations of username/password also from IP's originating in China. If I hadn't been monitoring event viewer I would have been none the wiser however I agree with you that it is safe to assume there must be some overhead on your resources.

I recall that the fix was not entirely straighforward and involved refusing connections from any IP after a certain number of failed login attempts. But like your single IP solution which gives you some protection, it won't stop them trying.

One obvious thing you should check is make sure that both your router and server are set not to respond to anonymous pings. That might stop them finding you in the first place.

I'm sure that if you google the problem you will find lots of suggestions. Also you can try "Shields Up" and other resources at grc.com which might help you diagnose where the hole is. They are a bit dated now but then so is Server 2003.

In my case I upgraded to Server 2008R2 and the problem went away.

Cheers

Edited by Dork

  • Author

Thanks for that Dork. We have had the Server for quite some time. I might ask the hosting company if we can upgrade.

I'll also take a look at shields up.

Cheers

Create an account or sign in to comment

Recently Browsing 0

  • No registered users viewing this page.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.