Almost every day I check 100's of unsuccessful logon attempts on my terminal server. TS Web access on server 2008 ent edition. Though I am using https/ssl certificate to encrypt my communications. My clients access this ts web access via 'https:/server.domainname.com'
How can I set up my configurations so that any one trying to establish connection via 'brute force, tsgrinder, etc etc which use dictionary attacks of various combinations should be disconnected after a couple of tries. I have also made unsuccessful logon attemps to 3 on this pariticular ts server local policy but still, attackers can establish and remain establish with this server. THere must be a way where anyone using these malicious programs should be disconnected automatically after a couple of attempts. How and where. I am trying to make this terminal server fully secured. Possible? Domain/enterprise admins have to waste alot of time to overcome security issues when easy articles like: