Not a malicious question, but I read a copy of the hacking windows exposed the other day, and the core of breaking into windows systems was weak passwords. But from the outside, surely your servers would not have ports open that allow someone to run a password attack on say a web server in the DMZ, would it? Or do people open ports on the firewall into web servers/servers in the DMZ that could be abused to run password attacks from the internet? I thought that sounded a bit far fetched, and that password attacks on windows machines would only really be an option for a naughty insider? What ports should I scan for on our web servers / open on the firewall to check they arent open to password attacks?

Hello, if you have a webserver that must have port 80/443 open so if people access this server and the server is vulnerable because of software not updated or whatever reason and this machine is hacked, you are open for any additional options from the hacker. You are not able to scan some ports if a machine is already hacked as this one will be sued and the information will be send whatever way programmed from the hacker.Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

Hello, if you have a webserver that must have port 80/443 open so if people access this server and the server is vulnerable because of software not updated or whatever reason and this machine is hacked, you are open for any additional options from the hacker. You are not able to scan some ports if a machine is already hacked as this one will be sued and the information will be send whatever way programmed from the hacker. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. What are the windows authentication ports on a typical windows server, i.e. 2003/2008? Be it logging in locally, or logging in as a domain account?