RdpGuard is a host-based intrusion prevention system (HIPS) that protects your Windows Server from brute-force attacks on various protocols and services (RDP, MS-SQL, FTP, SMTP, MySQL, IIS Web Login, ASP.NET Web Forms).
It monitors the logs on your server and detects failed logon attempts. If the number of failed logon attempts from a single IP address reaches a set limit, the attacker's IP address will be blocked for a specified period of time.
For Windows XP, Vista, 7, 8, 8.1, 10 and Windows Server 2003 (R2), 2008 (R2), 2012 (R2), 2016
Attacker's IP addresses are blocked automatically. Click image to view other screenshots.
Why do you need it?
Many Windows Server machines are under constant attack. Network scanners and RDP brute-force tools work 24/7. Eventually they may find a password to access your server! Moreover, RDP brute-force attacks may abuse server resources (CPU and bandwidth).
Take a look at your server's Security EventLog. How many failed login attempts do you see? The log may note thousands of failed login attempts from a single IP address. This means that someone is trying to find a password to access your server.
This is how an RDP brute-force attack appears in the Security EventLog.
How can you protect your server from brute-force password-guessing attacks on RDP? The answer is RdpGuard - powerful tool that allows you to protect your Remote Desktop from brute-force attacks.
RdpGuard works as a Windows Service. Your Windows Server will be protected even if nobody is logged in.
Attacker's IP address is blocked on the Firewall automatically.