This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

LogonUI.exe - brute-force or massive dictionary attack- How to lock this ?

Any one know if the Advanced Threat Analysis can block this attack that can through the VPN Client link ?
I have a Server that are recaiving many RDP attempt access through my VPN users, but I can block RDP because I use this and the VPN user also, but I need that the firewall analyse if the server is receiving many attempt from the same IP and block only for this... or somenting like that...
I think this could be a vírus..

Follow the link that show this fail.

http://serverfault.com/questions/315819/too-many-winlogon-exe-logonui-exe-csrss-exe-open-on-server/339845

tks

This thread was automatically locked due to age.

Parents

0 TonyCruz over 9 years ago

My UTM 9 Model is a SG330 with HA.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 TonyCruz over 9 years ago

My UTM 9 Model is a SG330 with HA.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data