I'm looking for a solution to make remote desktop more secure. I'm looking for a fail2ban like for windows and specially for RDP which will block IP in firewall after N failed retries Any help?
Asked
Active
Viewed 2.2k times
6
-
Why do you ignore the windows included mechanisms to protect RDP servers - i.e. TS Gateway? – TomTom Jan 19 '14 at 18:55
-
There is freeware option available now https://serverfault.com/questions/282510/what-should-i-do-if-i-find-someone-is-brute-forcing-my-server-password/1068887#1068887 – Arunas Bartisius Jul 07 '21 at 12:05
1 Answers
9
For Windows, The most straightforward option out there (from the ones that I tested) is a commercial solution called RdpGuard.
There's also one solution called IPBan, although I never tried that one.
You can also secure RDP requiring client certificates, check this article.
More interesting articles about securing RDP against brute force attacks:
Automatically block RDP attacks on your Windows Server 2008
Automatically banning IPs with Windows Firewall after scanning the eventlog
Gabriel Talavera
- 1,367
- 1
- 11
- 18
-
I've been using RdpGuard for 6 months now, and it's great. It's cheap, and gives you the flexibility of blocking connections via either the Windows Firewall or IPSec policies. – Daniel.S Feb 16 '17 at 03:01