December 2013

Windows 2008 Server Blocking RDP IP Address Hacks

Find out the IP address of the Prick who is trying to hack your server. Go to the Windows Event Log, and select Security. Look for the Audit Failure event and you will see the IP there. Setup a custom rule in Firewall With Advanced Security to block this incoming IP from attempting a hack. Start -> administrative tools > windows firewall with advanced security. Select Inbound Rules / New Rule Select Custom / Next Select All Programs / Next Leave Default / Next Leave the Local IP set to ANY, but Change the Remote IP to ADD Ensure that you have added the prick who is hacking you, then Next Select Block the Connection / Next Leave Default / Next Give the rule a name / Finish