4

In my city there was a recent incident in which some hackers logged in to a server by using a brute-force attack on RDP. I have a server and I want to enable a security policy that locks out the account if more than 3 consecutive unsuccessful attempts occur. I have no idea how to implement it.

Could someone please show me the correct direction?

Thank you!

SHCJ
  • 151
  • 2
  • Take a look at this URL: http://www.windowsecurity.com/articles/Securing-Remote-Desktop-Services-Windows-Server-2008-R2.html. You're going to want to check out NLA. – slm Jan 08 '13 at 04:25

1 Answer

3

You're thinking about this the wrong way around. RDP should not be accessible from the Internet. Ever.

But... you can specify the number of failed logon attempts before that user account is locked out using local security policy (Security Settings - Account Policies - Account Lockout Policies). However, if I recall correctly, Account Lockout Policies are not applied to the local administrator account.
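The lockout setting described in the answer can also be applied and checked from an elevated PowerShell prompt; the script below is an added example, not part of the original answer. The threshold of 3 comes from the question, while the 30-minute duration and reset window, the temp file name, and the assumption of a standalone (non-domain-controller) server are choices made for this example.

```powershell
#Requires -RunAsAdministrator
# Added example: set the local account lockout policy, then read it back.
$Threshold   = 3    # failed attempts before lockout (from the question)
$DurationMin = 30   # assumed value: minutes the account stays locked
$WindowMin   = 30   # assumed value: minutes before the failure counter resets

# Windows requires the reset window to be no longer than the lockout duration.
if ($WindowMin -gt $DurationMin) {
    throw "Reset window ($WindowMin) must not exceed lockout duration ($DurationMin)."
}

net.exe accounts "/lockoutthreshold:$Threshold" "/lockoutduration:$DurationMin" "/lockoutwindow:$WindowMin" | Out-Null
if ($LASTEXITCODE -ne 0) { throw "net accounts failed with exit code $LASTEXITCODE" }

# Read the effective policy back through secedit; its key names are not
# localized, unlike the text printed by 'net accounts'.
$cfg = Join-Path $env:TEMP 'lockout-policy-check.inf'   # hypothetical file name
secedit.exe /export /cfg $cfg /areas SECURITYPOLICY /quiet
$policy = @{}
foreach ($line in Get-Content $cfg) {
    if ($line -match '^(LockoutBadCount|LockoutDuration|ResetLockoutCount)\s*=\s*(-?\d+)') {
        $policy[$Matches[1]] = [int]$Matches[2]
    }
}
Remove-Item $cfg -ErrorAction SilentlyContinue

$expected = @{
    LockoutBadCount   = $Threshold
    LockoutDuration   = $DurationMin
    ResetLockoutCount = $WindowMin
}
foreach ($key in $expected.Keys) {
    $state = if ($policy[$key] -eq $expected[$key]) { 'OK' } else { 'MISMATCH' }
    '{0,-18} expected={1,-4} actual={2,-4} {3}' -f $key, $expected[$key], $policy[$key], $state
}

# The answer recalls that the built-in Administrator may not be covered by
# this policy, so report whether that account (RID 500) is enabled.
Get-LocalUser |
    Where-Object { $_.SID.Value -like 'S-1-5-21-*-500' } |
    Select-Object Name, Enabled, LastLogon
```

A `MISMATCH` line on a domain-joined machine usually means a domain Group Policy is overriding the local value.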