Recently a colleague mentioned to me that while he was greatly enjoying his time at our employer, his real job was currency trading.  He was soon to obtain fortunes beyond the dreams of avarice via his FOREX operations.

Well, we’ve talked about FOREX before.

But my point in mentioning this to you all is not his somewhat dubious financial prospects but rather a complaint he had:

I have a couple VPSes where I run some automated trading software.  They’re getting a ton of RDP attack attempts. I’m being notified by malwarebytes.  How can I configure on the Windows System to prevent the RDP attack attempts?

The simple answer to this is to change your Windows RDP port.  We have a fine tutorial (submitted by RackNerd) on how to do this.

Yes, this is security by obscurity.  A determined attacker is going to scan all your ports and find your RDP.  But the point here is that script kiddies scan thousands / millions of IPs looking for the default RDP port.  If yours doesn’t answer, they move on.  So while you’re not getting a true security boost doing this, you’re radically cutting down on the number of attempts.

Now if you want a “pro” solution, there are a couple options.

1. You can install an active firewall that watches your logs and proactively blocks IPs who are constantly failing to login.  Something akin to fail2ban on Linux. Here is a SF article that has some links.
2. Or you could setup the Windows firewall to block all access except connections originating from your home IP.  Obviously, if your home IP changes (dynamic DNS) then you’d need to update the rules whenever the address changes.

But the simple, quick solution is to change your RDP port.

• Author
• Recent Posts

raindog308

Dread Lord of LowEnd Content at LowEndBox

I'm raindog308, techno polymath and long-time LowEndTalk community Administrator. My technical interests include all things Unix, perl, python, golang, shell scripting, vintage operating systems such as MVS, and relational database systems such as Oracle, PostgreSQL, and MySQL.

I also enjoy using LEBs! I have an empire of little guys for VPNs, larger guys for apps, and big guys for databases and storage. When I'm not in front a screen I'm into German Shepherd dogs, quality knives, target shooting, theology, tabletop roleplaying games, and forest hiking.

I enjoy writing technical articles here on LowEndBox to help people get more out of their systems. You can find me on LowEndTalk @raindog308

Latest posts by raindog308 (see all)

• I Am Such a Tease: A Giveaway is Coming Tomorrow!And Let’s Do a Review of Gleam - May 3, 2024
• Netherlands Regulations: Datacenter Servers Must Be Set to Balanced or Power Saving Mode - May 2, 2024
• What Does Your Road Warrior Kit Look Like?Here’s How I Setup to Go On the Road - May 1, 2024