Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 6 subscribers
  • Views 7261 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Accessing Ports

Milena Lowe

Hi

One of our users keeps getting locked out of the system as it appears that an outside source is trying to access the system using his name as the username but failing on the password. Is there anywhere I can check on the Firewall that shows inbound activity that has failed logins? I have checked the users desktop and cannot find anything in the event log.

I have a XG310 Firewall.

 

Thanks



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Milena Lowe

    Any attempt to open the email will affect the user account as well. Has nothing to do with XG firewall or Sophos UTM.

    But consider to change the incoming port for RDP,

    Example: your-ip:3390. Is the first thing to get more secure

  • 0 in reply to Ol Deda

    Unknown said:
    Example: your-ip:3390. Is the first thing to get more secure
     

     

    Disagree with this... RDP should NEVER be exposed on a public facing interface! Not on the standard port, and also not on a custom port (security through obscurity)

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

Unfiltered HTML