Is there any MS Patch available to guard system again Brute FOrce Attack ?MCSE Certified

Can you please specify the context for this query ?I do not represent the organisation I work for, all the opinions expressed here are my own. This posting is provided "AS IS" with no warranties or guarantees and confers no rights. - .... .- -. -.- ... --..-- ... .- -. - --- ... ....

I have found unwanted traffic from public ip addresses and later security team found that it was because of an application ZmEu to run brute force attack against our servers. So, i am looking for a patch available, if any to safe my servers from being a victim.MCSE Certified

Is there any MS Patch available to guard system again Brute FOrce Attack ? MCSE Certified Bharat, There is no patch for bruteforce attacks. You just need to make sure that you have proper password lockouts and maximum attempts configured to help prevent a successful attempt. The best that you can do is to detect the traffic and involve the authorities to stop it from happening and update your firewall on the fly to discontinue or route their traffic to a different host. Routing to a different host keeps their attempts going without hinting that they have been detected. Additionally, Intrusion Prevention Systems are also good at stopping these attacks and permitting the login attempt traffic to the server. Best RegardsSteve Kline Microsoft Certified IT Professional: Server Administrator Microsoft Certified Technology Specialist: Active Directory, Network Infrastructure, Application Platform, Windows 7 Microsoft Certified Product Specialist & Network Product Specialist Red Hat Certified System Administrator Microsoft® Community Contributor Award 2011 All opinions expressed on my own behalf and not that of my company. This posting is "as is" without warranties and confers no rights.

I have not heard of any patch being released recently to prevent brute force attacks. Patch MS00-089 was released long time ago however, that was for WS 2000. This patch is definitely NOT applicable to newer versions of operating systems. You can prevent such attacks in future by following some good practices Isolate Internet facing servers from your intranet and place them in DMZ. In that way, you can secure your internal NetworkHarden your Servers before putting them into DMZ.Configure your network firewall just to allow specific ports.Security patches are released very often whenever a vulnerability is identified, make sure patch your servers regularly.There h/w appliances as well as software products available to secure your servers/network from attacks, you might want to use themMake sure AV installed on Servers are update regularly.I do not represent the organisation I work for, all the opinions expressed here are my own. This posting is provided "AS IS" with no warranties or guarantees and confers no rights. - .... .- -. -.- ... --..-- ... .- -. - --- ... ....

Is there any MS Patch available to guard system again Brute FOrce Attack ? MCSE Certified Bharat, There is no patch for bruteforce attacks. You just need to make sure that you have proper password lockouts and maximum attempts configured to help prevent a successful attempt. The best that you can do is to detect the traffic and involve the authorities to stop it from happening and update your firewall on the fly to discontinue or route their traffic to a different host. Routing to a different host keeps their attempts going without hinting that they have been detected. Additionally, Intrusion Prevention Systems are also good at stopping these attacks and permitting the login attempt traffic to the server. Best RegardsSteve Kline Microsoft Certified IT Professional: Server Administrator Microsoft Certified Technology Specialist: Active Directory, Network Infrastructure, Application Platform, Windows 7 Microsoft Certified Product Specialist & Network Product Specialist Red Hat Certified System Administrator Microsoft® Community Contributor Award 2011 All opinions expressed on my own behalf and not that of my company. This posting is "as is" without warranties and confers no rights.

I have not heard of any patch being released recently to prevent brute force attacks. Patch MS00-089 was released long time ago however, that was for WS 2000. This patch is definitely NOT applicable to newer versions of operating systems. You can prevent such attacks in future by following some good practices Isolate Internet facing servers from your intranet and place them in DMZ. In that way, you can secure your internal NetworkHarden your Servers before putting them into DMZ.Configure your network firewall just to allow specific ports.Security patches are released very often whenever a vulnerability is identified, make sure patch your servers regularly.There h/w appliances as well as software products available to secure your servers/network from attacks, you might want to use themMake sure AV installed on Servers are update regularly.I do not represent the organisation I work for, all the opinions expressed here are my own. This posting is provided "AS IS" with no warranties or guarantees and confers no rights. - .... .- -. -.- ... --..-- ... .- -. - --- ... ....

Hi, I agree with above posters, there arent patches for Brute Force attack. For maximum security, you can install a hardware firewall to protect your small office network, and then combine it with ICF or another host-based firewall. You can configure host-based firewalls for individual machines so that each machine on your network can have different network permissions, if thats what you need. In addition, host-based firewalls can alert you when software on a machine that has a firewall is sending out data when it shouldnt. Hardware-based firewalls are typically very flexible and powerful; once you get them set up, you can leave them alone and let them work to silently protect you. Most methods of attack attempt to take advantage of known computer security issues. Implementing the following features can provide significant protection for client computers: Personal firewall (Windows Firewall)Updating service packs and patches (Auto-Update)Antivirus software with up-to-date signatures (Windows Live OneCare)Antispyware software with up-to-date signatures (Windows Defender) For more information please refer to following MS articles: Best way to protect against brute force attack? http://social.technet.microsoft.com/forums/en-us/winserversecurity/thread/F97FF18E-DD41-4E57-94A5-0F47B6D85B54 Protecting Client Computers from Network Attacks http://technet.microsoft.com/en-us/library/cc875823.aspx Firewalls http://technet.microsoft.com/en-us/library/cc700820.aspxLawrence TechNet Community Support

Hi, I agree with above posters, there arent patches for Brute Force attack. For maximum security, you can install a hardware firewall to protect your small office network, and then combine it with ICF or another host-based firewall. You can configure host-based firewalls for individual machines so that each machine on your network can have different network permissions, if thats what you need. In addition, host-based firewalls can alert you when software on a machine that has a firewall is sending out data when it shouldnt. Hardware-based firewalls are typically very flexible and powerful; once you get them set up, you can leave them alone and let them work to silently protect you. Most methods of attack attempt to take advantage of known computer security issues. Implementing the following features can provide significant protection for client computers: Personal firewall (Windows Firewall)Updating service packs and patches (Auto-Update)Antivirus software with up-to-date signatures (Windows Live OneCare)Antispyware software with up-to-date signatures (Windows Defender) For more information please refer to following MS articles: Best way to protect against brute force attack? http://social.technet.microsoft.com/forums/en-us/winserversecurity/thread/F97FF18E-DD41-4E57-94A5-0F47B6D85B54 Protecting Client Computers from Network Attacks http://technet.microsoft.com/en-us/library/cc875823.aspx Firewalls http://technet.microsoft.com/en-us/library/cc700820.aspxLawrence TechNet Community Support