You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
My last blocked IP was 3/31/2014 which I thought was odd, so logged into a remote system and hammered my server 6 times with Administrator, which should have been immediately blocked. After that I was able to authenticate with a correct login & password.
I have enabled Debug and I can see nothing out of the ordinary. I use a modified script that ignores private IPs so I restored the original script and it behaves the same way: nothing logged, nothing blocked.
Could a MS patch have broken it?
It is running on Windows 2008 R2.
The text was updated successfully, but these errors were encountered:
I'm not sure what changed, probably a patch relating to RDP security, but when I changed the Security Layer in RDP Host Config from Negotiate to RDP Security Layer it blocked my attempt to log in as a specified user account. Yay! Working again.
Microsoft doesn't include the remote computer's IP address in the Event Log entries when the Security Layer is set to anything other than "RDP". Without that IP address the ts_block script can't do anything.
My last blocked IP was 3/31/2014 which I thought was odd, so logged into a remote system and hammered my server 6 times with Administrator, which should have been immediately blocked. After that I was able to authenticate with a correct login & password.
I have enabled Debug and I can see nothing out of the ordinary. I use a modified script that ignores private IPs so I restored the original script and it behaves the same way: nothing logged, nothing blocked.
Could a MS patch have broken it?
It is running on Windows 2008 R2.
The text was updated successfully, but these errors were encountered: