LF Intrusion Detection

Although you may be using a two-factor authentication, complex passwords and set a system that locks users out for a period of time after a certain number of failed login attempts, sometimes all these extra measures may not be enough to block RDP attacks.

LF Intrusion Detection is an advanced, yet intuitive piece of software designed to help you detect all brute force attacks and unauthorized login attempts to log on the server so that you can block them permanently or temporarily.

While the setup is quick and uneventful, you should know that you are required to configure the application so that it is allowed to detect login attempts. To be more precise, you can follow the steps indicated in the splash screen to enable the check failure attempts from the Audit Policy.

The utility comes with an appealing and well-organized interface that is designed as a dashboard in order to facilitate navigation. At the same time, it displays a legend that allows you to determine whether the services being monitored are running with their latest versions.

Functionality-wise, the application is as simple as it looks. To put it simply, the program continually monitors the system continuously along with the system log events for the purpose of detecting failed login attempts that are repeated and come from the same IP address.

It is worth mentioning that the program is versatile and hence, you can customize it so that it meets the desired protection levels for your server. You can specify the maximum repeated login attempts before blocking IP addresses as well as the duration of the temporary and permanent blocks to the IP addresses that are going to be performed automatically.

In the eventuality that you noticed the number of brute force attacks increased lately and you want to make sure that they remain unsuccessful, then perhaps LF Intrusion Detection could come in handy.