Are you being hacked?
If your Windows server is accessible from the internet and you want certain services like remote desktop, FTP transfers or SQL-Server to be available from outside then hacking attempts on your server will definitely be made. Numerous automated hacking tools, called "bots" are active on the internet. They scan IP address ranges for published services and when they find FTP, RDP or SQL-Server services active they will try hundreds or even thousands of frequently-used passwords. "Administrator" (rdp) and "sa" (superuser for SQL-Server) are the most targeted accounts. As long as the bots don't guess your passwords right you'll probably never now about them, apart from the high server load caused by the thousands of login attempts.
For this purpose we created AttackTracer, a free tool that you can use to scan your server logs for hacking attempts to find out if you are a target as well.
AttackTracer is the precursor app of BotFence, the fully automatic solution that works as a background service and dynamically lists attacking IP addresses in the Windows firewall.
Free Download:
This is the unlimited full version of AttackTracer.
Features:
- Reads hacking events from Remote Desktop, SQL-Server, FTP und Filezilla-FTP
- Shows the country of the attacking IPs
- Lists all attacks grouped by IP/li>
- Can send you an email with details about all the attacks