Raw Sockets Traffic Monitoring Method. How to configure Raw Sockets Monitoring in RdpGuard.

Traffic Monitoring via Raw Sockets

This monitoring method works on a limited set of Windows Server Editions. (Early Windows Server 2008 editions are not supported, but it works on Windows Server 2008 R2 and later.) Additionally, it may not work if there are third-party firewalls or anti-viruses installed

The advantage of this method is that it does not require any additional software, such as NPcap, to be installed.

The disadvantage of this method is that it may result in high CPU usage on heavily loaded servers. Therefore, we recommend using WinPcap/NPcap instead.

The following dialog allows you to configure the Raw Sockets monitoring method.

Raw Sockets Configuration

Addresses to monitor

Monitor All IP Addresses

RdpGuard listens on the protocol-specific ports for each IP address associated with the machine. It is important to note that monitoring all IP addresses can affect server performance, especially if there are a high number of IP addresses associated with the machine.

Monitor selected IP Addresses

To avoid a decrease in performance, it is recommended to limit the number of IP addresses your server software is listening on. This can be done by configuring the server software settings or firewall rules.

After you have completed the server software configuration, you can update the addresses to monitor in RdpGuard.

"This sotware is really great. It's a relief. Because my server is constantly under attack. Thanks RdpGuard" - Joaquim De Sousa Marques

"Nice product. I used to implement something similiar in a low-tech and cumbersome manner via a script called TSBlock (not mine). This makes it much easier and is well worth the pricetag for SMB's." - J. Johnson

"Absolutely amazed at your product. We are a church in the North Dallas area, and I discovered this morning multiple failed logon attempts via our Remote Access Server. A friend suggested your product, so I immediately downloaded the trial. It had a list of about five blocked IP addresses in minutes, and that was enough to lead me to push the BUY button. Over the past 10-15 minutes the list is now about thirty with at least a third being international attempts to break into our system. Thanks for a great product. You may have just saved us much grief." - John Hallford

"Love the software. RDP on our Windows servers is just ridiculous. We would block it in the router but we have lots of old-time customers that would have issues." - Scott Hirsch

"Love the software! Makes it easier than tailoring VB Scripts!!" - Nick Brennan

"It's a great product - really stopping those RDP attackers :-)" - Dave, UK

"First of all: Your application is very (!!!) useful and I like it very much securing my 2012 R2 server. RdpGuard is the best solution, I found on the market and after 10 minutes of testing it I ordered the fully-featured version. :-)" - Carsten Baltes