Detect attacks that target your web server by tracking failed login attempts in Windows, SQL Server and Exchange/SMTP with this application.
- AttackTracer
- Version :1.23.0
- License :Freeware
- OS :Windows All
- Publisher :Servolutions
AttackTracer Description
The Internet opens the gates to a new world where connectivity and digital communication means are in the spotlight. However, the number of threats and hacking attempts has grown along with the continuous rise of the Internet usage. AttackTracer is a simple utility designed for scanning your web server’s logs in order to detect possible attacks.
Analyze Windows logs to detect login fails
No installation is required, so you just have to double click on the downloaded file to start the application. Due to its nature, AttackTracer requires you to have administrative privileges to start. Otherwise, it might freeze and crash.
Its main window is simple, displaying the scanning results, alongside the number of found attack attempts and the IP addresses that are trying to breach in. AttackTracer analyzes the Windows event and the application logs to find consecutive failed logins that might betray a possible attack. Additionally, it tries to find authentication fails in the SQL Server log and Exchange/SMTP.
Bots and AttackTracer’s capabilities to detect them
AttackTracer can also identify automated hacking attempts using so-called bots. These scan entire ranges of IP addresses, trying to find opened FTP or RDP conections and also targeting running SQL services. Then, the bot attempts to brake in the system by trying out a plethora of frequently-used passwords.
If you are lucky and the password is not revealed, then you can detect future attacks by monitoring the server load, which significantly increases.
Reveal botnet attacks by scanning server logs
The dangers of the Internet can reach your Windows server with ease, it’s up to you to search for the perfect security solution. It’s not enough to have a security solution, but you must take care and closely monitor incoming connections. The higher the traffic, the more probable is that your server is under siege.