Protect your Web Server from Dictionary Attacks on Basic, Digest and NTLM Authentication.
RdpGuard
Intrusion prevention system for your Windows Server
 
Follow:
Like:
Share:

IIS Web Login Protection


Protection Overview

Many of the Web Servers use built-in IIS Authentication methods to limit access to some parts of the website like admin panels and customer areas.

The most commonly used authentication methods are Basic, Digest and NTLM.

Being widely used, these authentication methods are subject to brute-force attacks on a regular basis.

Everyone is able to download freely available brute-force tools and start abusing your server and flooding the logs with thousands of failed login attempts like below:

Failed IIS Login attempts

Failed IIS login attempts in the Security event log

Luckily these login attempts are logged in the Security event log and RdpGuard is able to detect and block these brute-force attempts even if they come over SSL/TLS.


To Enable IIS Web Login Protection

IIS Web Login Protection is completely covered by RDP Protection. IIS authentication methods generate the same 4625 events in Security event log as the RDP ones.

In order to enable brute-force protection for IIS authentication methods, please enable RDP protection as described in this tutorial.

RdpGuard 5.4.9 Free Trial

RdpGuard protects:

Social Connection
RdpGuard Logo
 
People like RdpGuard!
People like us
Our Other Products
FastGlacier
Windows Client for Amazon Glacier - new low-cost storage for data archiving and backup.
Copyright © 2012-2018 NetSDK Software. All rights reserved.  Terms of Use.  Privacy Policy.