RdpGuard FAQ - Frequently Asked Questions. RdpGuard related Questions and Answers.
RdpGuard
Intrusion prevention system for your Windows Server
 
Follow:
Share:

RdpGuard FAQ

Is there an option to never unblock/unban an IP address? In other words to permanently block the IP addresses.
Thank you for your feedback, but this option was removed intentionally.

Permanent ban option was the reason for thousands of blocked IP addresses, which may cause various problems, including system slowdown.

We believe that temporary block should be enough to stop brute-force attacks or make them ineffective.

I installed it on a client version of Windows (Vista/7/8/8.1/10) and it doesn't detect anything. I also don't see any events in the Security event log. How do i adjust audit policy settings?
Click Start, click All Programs, and then click Accessories. Right-click Command prompt, and then click Run as administrator.

In command prompt window enter the following command and press Enter:

auditpol /set /subcategory:Logon /success:enable /failure:enable

Is there a way to unblock only one IP?
Yes, here is how to manually unblock single IP address:
http://rdpguard.com/how-to-unban-ip-address.aspx

Does it continue to run when I'm logged out? Or does it need to run as a service?
RdpGuard works as a service, protection works even if nobody is logged in. RdpGuard service is automatically installed during RdpGuard installation. The service starts automatically during computer start up.

You can close the RdpGuard Dashboard and log off, RdpGuard service will continue in background.

Do you have to turn on the Windows Firewall on an RDP server for the RDPGuard software to work? We generally do not have the Windows Firewall turned on.
Windows Firewall is not used at all. RdpGuard works with Windows Filtering Platform directly to block IP addresses.

How do i make RdpGuard listen on a port other than 3389?
RdpGuard works with custom RDP port without additional configuration. It should detect the port automatically.

What is the difference in Blocking Methods? Does one have advantages over the other?
Default blocking method is Windows Filtering Platform and we recommend to use it when possible.

Other blocking methods are for backward compatibility only and are not recommended.

We are receiving many 4625 Event IDs in our Event Viewer. We can not determine "Source Network Address" because it is blank in Windows Server 2008. How do you detect IP addresses in those cases?
Yes, failed logon attempts via SSL(TLS) do not log attacker's IP address on Windows Server 2008 and Window Server 2008 R2

In such a case RdpGuard uses alternate, socket-based, approach in order to detect attacker's IP address.

In order to detect failed logon attempts via SSL(TSL) on Windows Server 2008 the following additional steps are required:

RdpGuard is running fine on our old XP/2003/2008 Server but some elements like images aren't displaying properly in RdpGuard Dashboard.
RdpGuard Dashboard is HTML based and uses the Internet Explorer engine in order to render HTML. Please install the most recent version of Internet Explorer and corresponding updates.

Is the RdpGuard License perpetual?
This is one time fee and your License is lifetime. Each license includes one year of free upgrades, support and access to IP Cloud and Geo IP services. This means that you are eligible for free upgrades within one year from your purchase.

After the one year is over you may continue use your current version as long as you wish, or you may purchase another year of upgrades for $49.95

I just installed RdpGuard, but it shows the Trial is expired.
Please make sure RdpGuard Service (rdpguard-svc.exe) is allowed to contact activation server at rdpguard.com at port 443

This is required to obtain the trial.

Please open Windows Firewall and allow Internet access for RdpGuard service process (C:\Program Files (x86)\RdpGuard\rdpguard-svc.exe)

If you are using 3-rd party Firewall, allow Internet access for RdpGuard service as well.

RdpGuard 9.7.9 Free Trial

RdpGuard protects:

Social Connection
RdpGuard Logo
 
People like RdpGuard!
Our customers say

"This sotware is really great. It's a relief. Because my server is constantly under attack. Thanks RdpGuard" - Joaquim De Sousa Marques

"Nice product. I used to implement something similiar in a low-tech and cumbersome manner via a script called TSBlock (not mine). This makes it much easier and is well worth the pricetag for SMB's." - J. Johnson

"Absolutely amazed at your product. We are a church in the North Dallas area, and I discovered this morning multiple failed logon attempts via our Remote Access Server. A friend suggested your product, so I immediately downloaded the trial. It had a list of about five blocked IP addresses in minutes, and that was enough to lead me to push the BUY button. Over the past 10-15 minutes the list is now about thirty with at least a third being international attempts to break into our system. Thanks for a great product. You may have just saved us much grief." - John Hallford

"Love the software. RDP on our Windows servers is just ridiculous. We would block it in the router but we have lots of old-time customers that would have issues." - Scott Hirsch

"Love the software! Makes it easier than tailoring VB Scripts!!" - Nick Brennan

"It's a great product - really stopping those RDP attackers :-)" - Dave, UK

"First of all: Your application is very (!!!) useful and I like it very much securing my 2012 R2 server. RdpGuard is the best solution, I found on the market and after 10 minutes of testing it I ordered the fully-featured version. :-)" - Carsten Baltes

Our Other Products
Copyright © 2012-2024 NetSDK Software. All rights reserved.  Terms of Use.  Privacy Policy.