My Alibaba Cloud server, because my account is the default administrator, the password is also a weak password set by myself, which caused the hacker to blast for 2 days, and finally the blasting was successful.
In response, how to prevent hackers from blowing up remote desktop account passwords?
1. First, open the "Start" menu of Windows Server 2008 system, click the "Run" command, enter the string command "Gpedit.msc" in the pop-up system running text box, and click the "OK" button to enter the Group Policy Edit dialog box.
2. Secondly, in the display area on the left side of the editing dialog box, position the mouse in the "Computer Settings" branch option, and expand the "Windows Settings/Security Settings/Account Policy/Account Lock Policy" group policy sub-item under the corresponding branch option.
3. In the display area on the right side of the corresponding Account Lock Policy group policy sub-item, find the target Group Policy Account Lock Threshold, right-click the option, and execute the Properties command from the pop-up shortcut menu.
4. Open the target group policy property setting window, in this setting window you can freely set the number of failed login attempts that trigger the system account to be locked as needed, the value is usually between 0 and 999, in order to strictly prohibit guessing the login password, the parameter should generally be set to "3", and finally click the "OK" button to save the above setting operation, so that when the illegal attacker tries to log in to the Windows Server 2008 system, when the wrong password is entered more than 3 times, The system will automatically lock the currently logged in user account.
|
Posted on 1/3/2017 9:35:03 AM
|
|
|
|
