-
audit login fail and restrict number of atempt
Hi everybody,
I found 100 entries with milisecond
difference in error log
"Login failed for user 'sa'"
does it look like attack ?
1. Can I restrict number of failed login ?
2. What events to trace in order to get
ip address for for station that trying to login as sa and fail?
Thank you
Alex
-
1. With Sql server login you can't restrict number of attempts, this is one the reasons to go Windows Authentication.
2. You may have to use a network monitoring tool.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|