IP Ban is a 3rd party application that has been developed in C# this application will work in a similar fashion to fail2ban (linux) in that it will ban IP addresses that fail to access RDP and MSSQL after a set threshold of attempts
- Download from http://www.digitalruby.com/securing-your-windows-dedicated-server/
- Extract the Archive to C:\Windows\IPBan\
- Add IP Ban to your windows services with the following (Administrator Command Prompt)
sc create IPBAN start= auto binPath= "C:\Windows\IPBan\ipban.exe" DisplayName= "IPBAN"
- Start the service
sc start IPBAN
- Go into Windows firewall rules (Start Menu -> Administrative Tools -> Windows Firewall with Advanced Security)
- Expand Inbound Rules
- Right-click rule "BlockIPAddresses" and click Properties.
- Click on the Scope tab and you can view/remove all blocked IPs