Server Fault is a question and answer site for system and network administrators. It only takes a minute to sign up.

Sign up to join this community

Anybody can ask a question

Anybody can answer

The best answers are voted up and rise to the top

How to stop Windows Server 2022 successful anomymous RDP logins

Ask Question

Asked 9 months ago

Modified 9 months ago

Viewed 117 times

0

I have a Windows Server 2022 server with IPBAN installed to make hacking it more difficult but in the logs occasionally I see:

2023-02-20 03:59:23.5304|WARN|IPBan|Login succeeded, address: XX.XXX.XXX.XXX, user name: ANONYMOUS LOGON, source: RDP

I've been searching and found that this is most likely harmless is this correct?

Also how do I replicate and prevent these logins?

asked Feb 20 at 4:37

Lil Cyanide

11 bronze badge

Did you even bother to check the logs on the target host?
– Greg Askew
Feb 20 at 6:15
This is from the target host...
– Lil Cyanide
Feb 20 at 6:59
I'm referring to the security logs. That have information about authentication.
– Greg Askew
Feb 20 at 12:05

Add a comment |

0

You must log in to answer this question.

Browse other questions tagged
windows
security
rdp
.