Remote Desktop servers are a popular target of hackers. Bots continuously search for servers with open Remote Desktop ports and then perform brute force attacks.
A popular trend is to deploy a large network of infected machines that perform only one or two login attempts per day. This makes it much more difficult to defend against these types of attacks with regular brute force security. It is therefore important for the security of your VPS to restrict access to your Remote Desktop servers.
There are several options for securing your Remote Desktop servers. Below are some options depending on your Windows environment:
All Windows environments:
- Changing the Remote Desktop Port Number
-
Restricting Remote Desktop access to specific IPs (e.g. from a VPN connection)
Active Directory environments: