How can I prevent an IP address from getting into my network?

I am auditing success/failure security logons. Every day, I have at least one or two failures. It says event 529 unknown username or bad password. Log on type 3 workgroup 9q8t801. I have pinged this name, and the IP is not on any of my computers. How can I find out where this address is, and how do I prevent it from getting into the network? Thanks.
My research shows that your auditing details reveal that an intrusion attack is being attempted. If you can't ping the system, then it is an external attack. I'd make sure all of your passwords are strong and that you have account lockout enabled. If you have a reasonable ISP, I'd contact it and tell it about the intrusion attempt and give it all the details you can provide. If you have a router or firewall, configure them to record packet information on all authentication traffic.
This was first published in October 2003

Dig Deeper on Windows File Management



Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:









  • VDI assessment guide

    Wait! Don't implement VDI technology until you know your goals and needs. A VDI assessment should consider the benefits of a VDI ...

  • Guide to calculating ROI from VDI

    Calculating ROI from VDI requires a solid VDI cost analysis. Consider ROI calculation models, storage costs and more to determine...

  • Keep the cost of VDI storage under control

    Layering, persona management tools and flash arrays help keep virtual desktop users happy and VDI storage costs down.