Failed Logon Attempts on my PC

Sergio Franco 20 Reputation points
2024-04-03T21:11:43.16+00:00

I have several (over 20,000) login attempts coming from a suspicious IP. I think I'm getting bruteforced. I don't understand how since I use a NordVPN and as far as I know, they don't have a way to get inside my network. I do have remote desktop enabled, though. Can someone take a look and help me out, and figure out what I'm looking at?

EventData
EventData
SubjectUserSid S-1-0-0
SubjectUserSid S-1-0-0
SubjectUserName -
SubjectUserName -
SubjectDomainName -
SubjectDomainName -
SubjectLogonId 0x0
SubjectLogonId 0x0
TargetUserSid S-1-0-0
TargetUserSid S-1-0-0
TargetUserName mytech
TargetUserName mytech
TargetDomainName -
TargetDomainName -
Status 0xc000006d
Status 0xc000006d
FailureReason %%2313
FailureReason %%2313
SubStatus 0xc0000064
SubStatus 0xc0000064
LogonType 3
LogonType 3
LogonProcessName NtLmSsp
LogonProcessName NtLmSsp
AuthenticationPackageName NTLM
AuthenticationPackageName NTLM
WorkstationName WIN-ELR6OLENQG4
WorkstationName WIN-ELR6OLENQG4
TransmittedServices -
TransmittedServices -
LmPackageName -
LmPackageName -
KeyLength 0
KeyLength 0
ProcessId 0x0
ProcessId 0x0
ProcessName -
ProcessName -
IpAddress 45.129.14.224
IpAddress 45.129.14.224
IpPort 0
IpPort 0
Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
9,653 questions
0 comments No comments
{count} votes

Accepted answer
  1. S.Sengupta 18,676 Reputation points MVP
    2024-04-04T01:21:20.5233333+00:00

    Disable Remote Desktop when not required and when required enable that.

    If you must keep Remote Desktop on, ensure you have a very strong password set for it. A long password with a mix of upper and lowercase letters, numbers, and symbols is ideal.

    Wherever possible, enable two-factor authentication for your accounts.

    Run a scan with your antivirus software to rule out any malware that might be facilitating the attack. Update the system.


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.