I have a Windows Server 2022 server with IPBAN installed to make hacking it more difficult but in the logs occasionally I see:
2023-02-20 03:59:23.5304|WARN|IPBan|Login succeeded, address: XX.XXX.XXX.XXX, user name: ANONYMOUS LOGON, source: RDP
I've been searching and found that this is most likely harmless is this correct?
Also how do I replicate and prevent these logins?