Hello Everyone On our Windows eCommerce Web servers we've seen a significant upitck in people testing our password security with repeated entries in the Security Event log for bad username/password, at distinct intervals (such as every 15 seconds for 30 minutes) coming in from quite literally all over the world. We have 25 character randomly generated passwords that we change constantly, nobody has gotten in yet... A couple of things I am contemplating but am not sure if they are possible: 1) Can I setup remote desktop to only accept connections over one NIC (i.e. the VLAN internal to the rack). That way, I can remote desktop into less visible staging and development servers, and remote desktop from there into production boxes? 2) Can I block an I.P. address completely. Yes, you can do this on a web site in asp.net, but is there a way to do this in IIS or Windows itself? We have someone from China who is hitting us daily with attempt after attempt. We're a small company, not an enterprise with thousands and thousand of dollars. Can anyone recommend a simple, reasonably priced security tool that will make this whole process less labor intensive? It it excruciating to pore over Windows logs every day. Thanks, all advice is welcomed

seek advice in the IIS forums http://forums.iis.net/http://www.arabitpro.com