On Mar 27, 2014 4:22 PM, "Chris Bagnall" <pfse...@lists.minotaur.cc> wrote:
> On 27/3/14 8:17 pm, Walter Parker wrote:
>
>> That's what I would recommend. The VPN can serve as a second gateway to
>> protect the RDP from the outside world, so you could pitch this solution
>> as a higher security method of network access.
>
> This.
>
> There seem to be lots of dictionary attacks against RDP servers these
> days, to the extent that even a server with strong passwords can still end
> up DOSing a connection because of the bandwidth required to reject the
> login attempts.
>
> As an aside, does anyone know of something similar to fail2ban or
> denyhosts for Windows machines? :-)
>
> Kind regards,
>
> Chris

Chris,

There are several tools that work like fail2ban/denyhosts for Windows. A commercial one that apparently works pretty well is called RdpGuard. (Despite the name, it also supports SQL and FTP blocking.) You could also try ts_block (https://github.com/EvanAnderson/ts_block), fail2ban with a helper script (http://wqweto.wordpress.com/2013/12/10/how-to-use-fail2ban-with-terminal-servers-rdsh-farm/), EvlWatcher (http://nerderies.blogspot.co.at/2012/12/automatically-banning-ips-with-windows.html), a VBScript/PowerShell solution (http://psscripts.blogspot.com/2012/12/automatically-block-rdp-attacks-on-your.html), IPBan (http://www.digitalruby.com/securing-your-windows-dedicated-server/), QaasWall (http://sourceforge.net/projects/qaaswall-window/), or one of a ton of other solutions.

Disclaimer: I have not tried all of these myself, but I did this research a year or two ago and this is what I found.

Moshe
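
The fail2ban-style approach asked about above, sketched for Windows as an added example (not taken from the thread or from any of the projects it names): count failed logons (Security event 4625) per source address over a recent window and add an inbound block rule for addresses over a threshold. The threshold, window, allow-list, rule-name prefix and the default RDP port 3389 are assumptions; it needs an elevated session and a Windows version that ships `New-NetFirewallRule`.

```powershell
# Added example: fail2ban-style pass over failed logons (Security event 4625).
# All parameter defaults and the "rdp-autoban-" rule prefix are assumptions.
param(
    [int]$Threshold = 10,        # failures from one address before blocking
    [int]$WindowMinutes = 15,    # look-back window
    [string[]]$AllowList = @('127.0.0.1', '::1'),  # add VPN/admin addresses here
    [switch]$Enforce             # without this switch the script only reports
)

$since  = (Get-Date).AddMinutes(-$WindowMinutes)
$filter = @{ LogName = 'Security'; Id = 4625; StartTime = $since }
# Get-WinEvent raises an error when nothing matches, so suppress it.
$events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue

# Pull the source address out of each event; skip '-' and other non-addresses.
$failures = foreach ($e in $events) {
    $xml = [xml]$e.ToXml()
    $ip  = ($xml.Event.EventData.Data |
            Where-Object { $_.Name -eq 'IpAddress' }).'#text'
    $parsed = $null
    if ($ip -and [System.Net.IPAddress]::TryParse($ip, [ref]$parsed)) {
        $parsed.ToString()
    }
}
if (-not $failures) { return }

$offenders = $failures | Group-Object | Where-Object {
    $_.Count -ge $Threshold -and $AllowList -notcontains $_.Name
}

foreach ($o in $offenders) {
    $ruleName = "rdp-autoban-$($o.Name)"
    # Skip addresses that already have a block rule from an earlier run.
    if (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue) {
        continue
    }
    Write-Output ("{0} failed logons from {1}" -f $o.Count, $o.Name)
    if ($Enforce) {
        New-NetFirewallRule -DisplayName $ruleName -Direction Inbound `
            -Action Block -RemoteAddress $o.Name -Protocol TCP `
            -LocalPort 3389 | Out-Null
    }
}
```

Run it from a scheduled task without `-Enforce` first to see what it would block. Rules are never expired here, so a cleanup pass keyed on the rule-name prefix is needed to get fail2ban's timed unban.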
_______________________________________________
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list