This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Failed RDP Login Attempts and IPS

Hello, we have a few servers where the security logs shows repeated brute force login attempts via RDP... shouldn't the IPS block these kind of "attacks" by default?

This thread was automatically locked due to age.

Parents

0 tuscani over 12 years ago

Thanks guys.. we can't do the country blocking as we have clients worldwide.. sounds like VPN is our answer.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 tuscani over 12 years ago

Thanks guys.. we can't do the country blocking as we have clients worldwide.. sounds like VPN is our answer.
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 eganders_01 over 12 years ago in reply to tuscani

.. sounds like VPN is our answer.
Meantime, if your RDP users are coming from known IP's (even if they're dynamic as most don't change all that often), you could certainly limit the IP's to specific addresses, or at least a known subnet, as the only allowed addresses. And you can keep those settings in place when you roll out the VPN's as well.
Cancel
Vote Up 0 Vote Down

Cancel