Microsoft Azure Active Directory Overview and Failed Authentication & Log Observation

In this tutorial I demonstrate the install of MS SQL Server on a VM and the failed login attempts into SQL server from another VM, an “attack VM” I created. I show this through the security logs on windows event viewer in the main VM.

Environments and Technologies Used

-Microsoft Azure Cloud Platform

-Microsoft Azure (Virtual Machines) abbreviated VM. VMs are used to install the SQL Server and also view the event logs.

-Remote Desktop Protocol (RDP) is used to connect to the virtual machines. (For this demonstration I use the RDP app in the Microsoft Store).

-Windows Event Viewer to view the logs showing the failed authentication attempts.

Operating Systems Used

-Windows 10 (21H2)

Video Demonstrations

Part one below I complete the follwing:

-Configure the VM firewall too accept all inbound traffic

-The install of MS SQL Server

-Turn off windows firewall

-The install of SQL Server Management Studio (SSMS)

-Enable logging for the SQL server to be ported into event viewer

-Test logging in event viewer

In Part two below I complete the following:

-Attempt to RDP five times into the main VM from the attack VM using the wrong credentials

-RDP into the main VM from the attack VM using the correct credentials

-From the main VM, inspected the failures and successes (Security log for RDP, Application log for SQL)

This is the end of the lab. I hope it was helpful. Thank Your for Watching.

error: Content is protected !!