Since people are getting unauthorized access to my Windows Server (bruteforced over several months..), I'd like to set up a whitelist for RDP access.
I have tried the following with Windows Firewall inbound rules:
This still allows other users to connect through RDP. Is there any way to block such unauthorized access through a whitelist?
EDIT: The firewall is enabled, and it's the only firewall running on the machine. Rules like allowing port 80 traffic behave correctly.
Best Answer
Check to make sure that the rule is enabled:
Furthermore, restrict login attempts to five or less before an account is locked out for an hour or more. You can also change your RDP port to lessen the risk from scripted attacks (security through obscurity has gotten a poor reputation that is undue).
Also, choose passwords that are better. A network-borne attack should take theoretical centuries to brute force even a relatively basic password. Consider the use of pass-phrases.
twasbrilligandtheslithytoves
,halfaleagueonward
, or other memorable literary references are all around better thankF4^1*wi
.