If you are running Microsoft SQL Server you probably aware of brute-force attacks on SA account. Almost every SQL server connected to the Internet is under constant attack.
Once a hacker has access to a SA (DBA) account, or even a normal user account, it can get full access to the file system on a server, or even to the files on the network to which it is connected.
If your SQL server accepts remote connections, System Event Log may contain thousands of entries like below:
Login failed for user 'sa' error 18456.
This means that someone is trying to get access to your server. Brute-force attacks may also abuse your server resources (CPU and bandwidth).
RdpGuard allows you to protect your MS SQL Server from brute-force attacks.
It monitors the EventLog and detects failed login attempts. If the number of failed login attempts from a single IP address reaches a set limit (three by default), the attacker's IP address will be blocked on the firewall.
For Windows XP, Vista, 7, 8, 8.1, 10 and Windows Server 2003 (R2), 2008 (R2), 2012 (R2), 2016