Ever wonder how to block the attacks that seem to be more frequent from the script kiddies against Terminal Services on Windows Server (2003, or 2008, or 2008R2)?
So have I.
Since you no longer have the ability to log the offending IP (as could be done in Windows Server 2000), you are stuck in later versions of Windows.
Thankfully, super sysadmin Evan Anderson
has figured it out so you and I don't have to!
Here is his solution: ts_block
Nice bit of coding there. Can't wait to try it out (or steal the bits I need to kludge up my own solution).
I appreciate the sharing in either case.