Googled online to identify steps to take for securing MS Windows Terminal Services.
One of the tools mentioned is BFGuard.
What is BFGuard?
BFGuard stands for “Brute Force Guard”.
How does it work?
It principally monitors the local machine’s event log. The relevant log file in this case is the “Security Log“.
Upon finding entries that indicate failed logins correlative data is gathered. Obvious correlative data includes username and IP Address.
Once the configured maximum number of failed attempts are reached the specific IP Address is blacklisted.
Please download the free tool from here.
Screen Shots Please
From the screen shots here are the functionalities offered:
A listing of “Blocked IPs”
Ability to whitelist specific IP Addresses
Statistics on each connected IP Address
Wanted to introduce the product.
In the days ahead we will revisit and update our post.