Recently I discovered someone was trying to brute force port 3389 on my machine and, thankfully, they had not managed to gain entry. However, I decided that a little extra security would be in order so made use of the built in Windows firewall to disable unknown IP addresses from connecting.
This is for Windows 7.
Step 1
Which IPs do you want to allow? For me it was a pretty short list as I only need remote access to my PC from a few locations and, luckily, they all have static addresses.
Step 2
Open Windows Firewall with Advanced Security and select the Inbound Rules section. You should get a big list of rules, some marked with a green tick, some with a grayed out tick, and others with a red “no entry” symbol. Find the one called “Remote Desktop (TCP-In)”
Step 3
This can be a little fiddly depending on your network set up because the Windows firewall applies different rules depending on what type of network you’re connected to. That’s the window that pops up when you connect to a network for the first time and you always ignore. The options are (under the advanced tab) Domain, Private, Public. For simplicity I just ticked all three.
Step 4
Under the scope tab you need to Add the IPs you want to allow. This is pretty straight-forward but will be fiddly if you have anything odd about your set up, for example I have VirtualBox installed which apparently changed my network setup from Private to Public so I have to put my internal IP range in the “Remote IP addresses” section so I can RDP from my living room to my upstairs-PC.
Done!
That should be it but make sure you test it from the IPs you want to gain access from before you need to rely on themĀ 
Leave a Reply