Looking at the Event Logs... there are constant attempts from Hackers and their clones attempting to RDP (or whatever they're using) hack into my Server. Why is it that Microsoft doesn't put in an Auto-block of these IP addresses after, lets say, 10 failed login attempts in 1 min???
How can I put a stop to these individuals and permanently block them after 10-20 attempts? Trying to put them in one by one is inefficient. I tried a major IP address block last year, and ended up locking myself out while I was on Vacation in Hawaii. Apparently part of the IP range that I thought was exclusively for China was also being used in Hawaii. I had to RDP into my brother's computer and then used his computer to RDP back into the Server to change the firewall settings/subsets to allow me access... ARRGGG!
I'm using Server 2008r2