system: VPS windows server 2008r2 at a remote location, directly exposed to internet
Administration is possible only viaRemoteDesktop.
I cannot disable&replace the default administrator account with a different username...which means I get a lot of brute force attacks.
I created rules in the firewall to limit the scope of the remote IP addresses, even limited the scope of the RDP rules down to my client IP address only.I tested the rules by trying to access the vps server from a wifi hotspot (starbucks was useful for once) and indeed I was not to rdp into myserver.
Yet I still find Nigerian , chinese taiwanese iranian and so on based IP addresses in the event log under audit failures.
I didn't want to limit the ip scope, because if my ISP changed my IP address ,I'd lose access to my VPS server... then again, why are the Nigerians still getting in?
Anyway,is there a way to replace the username and password login with a public/private key method like it is under Linux? Or perhaps is there a better solution?
Hope someone can help.
Thank you in advance!
Paolo