Here are some things I did recently to ensure a remote hosted server is more resilient to dictionary attacks:
- In "Remote Configuration" I specified that clients all need to use "Network Level Authentication".
- I only allowed Remote Desktop Connections for a single account (meaning only one account can be compromised)
- In "Local Security Policy" I specified that the account should be locked for a few minutes on 3 failed logon attempts.
- I made the password much longer and more complex.
Feel free to comment if I missed something obvious!
0 comments:
Post a Comment