RdpGuard FAQ - Frequently Asked Questions. RdpGuard related Questions and Answers.
RdpGuard
Intrusion prevention system for your Windows Server
Follow:
Like:
Share:

RdpGuard FAQ

Is there an option to never unblock/unban an IP address? In other words to permanently block the IP addresses.
Thank you for your feedback, but this option was removed intentionally.

Permanent ban option was the reason for thousands of blocked IP addresses, which may cause various problems, including system slowdown.

We believe that temporary block should be enough to stop brute-force attacks or make them ineffective.

I installed it on a client version of Windows (Vista/7/8/8.1/10) and it doesn't detect anything. I also don't see any events in the Security event log. How do i adjust audit policy settings?
Click Start, click All Programs, and then click Accessories. Right-click Command prompt, and then click Run as administrator.

In command prompt window enter the following command and press Enter:

auditpol /set /category:"Logon/Logoff" /success:enable /failure:enable

Is there a way to unblock only one IP?
Yes, here is how to manually unblock single IP address:
http://rdpguard.com/how-to-unban-ip-address.aspx

Does it continue to run when I'm logged out? Or does it need to run as a service?
RdpGuard works as a service, protection works even if nobody is logged in. RdpGuard service is automatically installed during RdpGuard installation. The service starts automatically during computer start up.

You can close the RdpGuard Dashboard and log off, RdpGuard service will continue in background.

Eventhough I see an IP address in the Blocked IPs list and I also see it as an inbound firewall rule, I am still seeing failed attempts from those 'blocked' IP addresses.
It might be the Windows Firewall misconfiguration, or, probably it is not enabled for all network profiles.

Please check Windows Firewall settings or change blocking method to IP Security Policies in Tools, Options, General

Do you have to turn on the Windows Firewall on an RDP server for the RDPGuard software to work? We generally do not have the firewall turned on.
RdpGuard may work without Windows Firewall.

You will need to open Tools, Options, General and change blocking method from Windows Firewall to IP Security Policy.

How do i make RdpGuard listen on a port other than 3389?
RdpGuard works with custom RDP port without additional configuration. It should detect the port automatically.

What is the difference in Blocking Methods? Does one have advantages over the other?
Default blocking method is Windows Firewall and we recommend to use it when possible.

But sometimes Windows Firewall is turned off, for example when 3-rd party firewall is installed. In such a case, we offer alternate blocking method - IP Security Policies.

Both blocking methods are equally effective.

We are receiving many 4625 Event IDs in our Event Viewer. We can not determine "Source Network Address" because it is blank in Windows Server 2008. How do you add the IP blocks to the Firewall in those cases.
Yes, failed logon attempts via SSL(TLS) do not log attacker's ip address on Windows Server 2008 and Window Server 2008 R2

In such a case RdpGuard uses alternate, socket-based, approach in order to detect attacker's IP address.

In order to detect failed logon attempts via SSL(TSL) on Windows Server 2008 the following additional steps are required:

  • Install WinPcap from https://www.winpcap.org/install/default.htm
  • Restart RdpGuard Service via 'Tools, RdpGuard Service, Restart'
  • Open Tools, Options, Monitoring, Rdp Settings and change monitoring method to WinPcap

RdpGuard is running fine on our old XP/2003/2008 Server but some elements like images aren't displaying properly in RdpGuard Dashboard.
The GUI is HTML-based and uses the part of Internet Explorer in order to render HTML. Please try to install the latest version of Internet Explorer and/or corresponding updates.

Does the license is perpetual?
This is one time fee and your License is lifetime. Each license includes one year of free upgrades and support. This means that you are eligible for free upgrades within one year from your purchase.

After the one year is over you may continue use your current version as long as you wish, or you may purchase another year of upgrades (about 50% from the original price)

I just installed RdpGuard, but it shows the Trial is expired.
Please make sure RdpGuard Service (rdpguard-svc.exe) is allowed to contact activation server at rdpguard.com:443

This is required to obtain the trial.

Try to open Windows Firewall and allow Internet access for RdpGuard service process (C:\Program Files (x86)\RdpGuard\rdpguard-svc.exe)

If you are using 3-rd party Firewall, allow Internet access for RdpGuard service as well.

RdpGuard 4.2.5 Free Trial

RdpGuard protects:

Social Connection
RdpGuard Logo
 
People like RdpGuard!
Our Other Products
FastGlacier
Windows Client for Amazon Glacier - new low-cost storage for data archiving and backup.
Copyright © 2012-2017 NetSDK Software, LLC. All rights reserved.  Terms of Use.  Privacy Policy.