Security on Windows 2008 R2 Servers

[sahostking]

Hey Guys,

I've read a few posts on ts_block and Syspeace.

Anyone ever use any of these Brute force prevention systems for windows yet?

Don't want to get my hands dirty on live servers if not much people have tested it and verified it a great thing for Windows Servers. I may have to create a test vps and install these though.
I've always been looking for something like this.

For now changing default ports and locking down firewall is great though.

 

[server-admins.net]

Your Windows servers should not be accepting RDP connections from untrusted IP's.
Alternate ports are great until some one does a portscan on your servers and finds that port 3390 is listening for connections.

 

[Telasera]

+1

Minimise your attack surface by having your RDP only accessible via trusted VPN or proxy.

 

[sahostking]

Thanks guys, aware of all that, just asking if anyone used these other software types as of yet for automated brute force prevention. Cpanel has CSF which it uses for such things and auto blocking of IPs. Looking for something for windows servers. Anyway testing out both now to see how they measure up.