Remote Desktop Security Monitor

Misc Remote Desktop Security Monitor 1.0

Author
Voxpire
Downloads
21
Views
561
First release
Last update
Rating
5.00 star(s) 1 ratings
No permission to download Join the discussion

More resources from Voxpire

Requirements
Windows Server
Windows PowerShell

Remote Desktop Security Monitor


Simply extract the contents anywhere and run "RDP MONITOR" to start the script.

This short and sweet PowerShell script will help fortify your server against malicious brute force attacks targeting the Remote Desktop Protocol (RDP).

It works by polling the system event logs, looking for specific Audit Failure events;

Upon detecting an Audit Failure, the IP address of the offending remote host is automatically added to a Windows Firewall entry.

It will react quickly, quick enough for any would-be attacker to have observed the heat-death of the Universe before they make any headway in guessing your password.

Not only does it protect RDP, but the firewall entry will block that IP from accessing any other port on your server, permanently.

The "RDP MONITOR" shortcut provided in this package can be used to set up a scheduled task, ensuring this script runs with the correct settings whenever your server boots up.

More security offers more peace of mind, make sure you use a strong password to secure your server.

You can change the port that RDP is listening on, to make it harder to find the way in.

WARNING:
If you run this script and fail to log-in to your own server and end up being firewalled, you will need to use another device with a different public IP to login and remove your IP from the firewall entry.
Alternatively, if you have access to KVM, recovering will be much easier in this event.
  • Like
Reactions: ParanoiaPhD

Active Shards

Donations

Total amount
$80.00
Goal
$1,000.00
Back