Zitat von mpachmann am 22. September 2022, 16:33 Uhr

https://www.bleepingcomputer.com/news/microsoft/windows-11-gets-better-protection-against-smb-brute-force-attacks/

To take advantage of the boost of protection against brute-force attacks on systems running Windows Server, admins have to enable it manually using the following PowerShell command (where n is the delay time between each failed NTLM auth attempt):

Set-SmbServerConfiguration -InvalidAuthenticationDelayTimeInMs n

"This behavior change has no effect on Kerberos, which authenticates before an application protocol like SMB connects. It is designed to be another layer of defense in depth, especially for devices not joined to domains such as home users," Pyle added.