Have been running a DX4000 for our small company mostly as a file server and to perform client backups of Windows machines. Our users store Word, Excel, and PDFs, and a big image library of jpgs and gifs.
I use RDP to manage the DX4000 (versus just opening the dashboard).
Outside of my own administration of the DX4000 via RDP, none of us in the company need to access this remotely - either onsite or offsite.
It was initially setup with a static IP, and I think it’s time to change that as it is now getting a brute-force attack through RDP and I don’t see any option to change the RDP listening port on the Sentinel.
Another thing is, our building will be going from DSL to Cable in a few months, which will surely cause an issue with the Static IP on the Sentinel.
So question is, is this a big deal to go from static IP to DHCP on this thing, or will it just create more problems?
was reading up on rudimentary best practices for win server, and it stated that you should change the default RDP port so you don’t get brute force attacked - which i am now.
went into the DX4000s firewall to attempt that, and it essentially won’t let me.
the Sentinel is getting hammered by a bot every 30 seconds and eating resources.
I’ve disabled the admin account and was going to setup a lockout policy, but it’s my understanding that is not enough, so I just want to take it off of the Internet and use it locally here onsite.
What I am not clear on, is if changing it to DCHP will hinder my ability to use RDP to connect to it, and will it disrupt the 7-8 people that access the data shares through windows explorer on their machines.
hope this make sense - I am obviously not full a Sys Admin or Network wiz, but learn quickly
The issue is you cannot have a brute force attack from outside unless you have port 3389 forwarded to the local ip of the DX
You are correct, it should not be on the internet.
so is it as easy as RDP’ing into the Sentinel and just removing the static IP from it and selecting DHCP instead? how would that affect that clients using the wd connector software?
You need to log into your router and look at port forwarding. If you tell me the make and model of your router I may be able to google the steps for you
yes tsgrinder is an issue if you have 3389 exposed/forwarded on your router to the server. These are attacks from outside that try to gain access over 3389. But your router must be configured to send 3389 traffic to your server to do this. You do not want 3389 open on your router
you need to figure out the ip of the router
open a cmd prompt on any pc and type ipconfig >enter
the default gateway is the ip of the router
open internet explorer and put that whatever it is 192.168.0.1 for example as the url and press enter
you should get a login
the username and password will be on a sticker on the router (userrname may be blank)
on the left you should see a button for port forwarding
