Windows 2008 Server Blocking RDP IP Address Hacks

Find out the IP address of the Prick who is trying to hack your server.

Go to the Windows Event Log, and select Security. Look for the Audit Failure event and you will see the IP there.

image

Setup a custom rule in Firewall With Advanced Security to block this incoming IP from attempting a hack.

Start -> administrative tools > windows firewall with advanced security.

Select Inbound Rules / New Rule

image

Select Custom / Next

image

Select All Programs / Next

image

Leave Default / Next

image

Leave the Local IP set to ANY, but Change the Remote IP to ADD

image

Ensure that you have added the prick who is hacking you, then Next

image

Select Block the Connection / Next

image

Leave Default / Next

image

Give the rule a name / Finish

image