Hi Erland, I think Tom is mixing up us two from way up north, even the confusion is misspelled;-)

My (Eirikur :-D) first question is where are the attempts coming from? Is it through the web application or directly?

Follow Erland's advice on the firewall settings, you really want to isolate the SQL Server from the open internet! Secondly, disable SQL Server logins and use only Windows authentication. Last but not least, do not use NTLM authentication (backward compatible windows authentication)!!!

😎