One of my remaining dedicated servers which hasn't yet been migrated to Amazon EC2 is hosted in a UK datacenter without a dedicated firewall to protect it.

Whilst I knew that the server was effectively exposed to the Internet on various ports I did not realise that despite me setting up the Windows firewall to only allow logon attempts on the RDP port (Remote Desktop) from a fixed set of IP addresses, many if not all logon attempts were still getting through. I'm not sure why, but I seem to recall that the block only kicks in after a successful authentication, meaning bots were still probing my server 24/7. Not good.

What I needed was an easy way (by this is not what exactly easy, neither is that) to block hacking attempts with configurable bans based on IPs.

The best and simplest tool I found for this job was RDPGuard. It runs as a Windows Service and can easily be configured to block brute force logon attempts.

I can really recommend it if you run a public facing Windows box without a dedicated firewall. They offer a free, fully functional trial on their website.