In the past month I've noticed in my event viewer on a sql server a lot of failure audits. Seems like a brute force attack from an ip in china trying to log in to the sa account which i have disabled. I've blocked it on my network firewall but then a week later i'm getting the same attack from another ip also based in china. So far i've blocked 6 ips. Is there anything i can do to prevent this attack of do i just keep blocking ips?