I have a lot of remote desktop brut force attempts on my server. I try to use firwall to allow only my public IP. I use exeptions and scope
but I still able to connect with RDP from others IPs. do you have idea please ?
Answer
Its hard to gather exactly what your scenario and system setup looks like so this is my best guess based on the information provided
Typically you never want to expose your server directly to the internet, especially not Remote Desktop since it is a common port and consistently scanned for on the internet. Once they find it they will constantly attempt to login.
Usually the best defense is simply to run RDP over a different port instead of the standard port. You can find more information about how to do that here.
However, I would strongly advise that you utilize a real firewall device that seperates your server from your internet connection if at all possible. However, changing the default port will reduce the amount of login attempts significantly.
If you still want to setup firewall rules you will have to provide detailed information on what firewall you are using and what the intended behavior should be.
Attribution
Source : Link , Question Author : albi32 , Answer Author : Brent Pabst
