[i] This document was last updated 15/1/2019 (UK DATE FORMAT)

cbIPfRDP by Cobs.

Contents:

1- Introduction
2- Version Information
3- File Contents
4- How to use


1- Cobs' Ban IP from RDP

[i] This tool is used to block bots from attempting RDP brute force attacks.
[i] This tool will also block the IP after 2 failed attempts. (soon to come)


2- Version Information
Release version     = 1.0.0
cbIPfRDP version    = 1.0.0 (release)
WinFblockIP version = 1.0.0 (release)


3- Contents:
cbIPfRDP.exe     - Cobs' Ban IP from RDP.
looping.wfb      - Place in same folder as cbIPfRDP if you want it to continuously check.
Read.Me.Versions - This text document.
WinFblockIP      - Cob's IP Blocker for Windows Firewall
.\glblst.exe     - Global Blacklist tool. This is an automated file that will block IPs that have attacked us.


4- How to use:

Before running, if Latest.Log and IPs2Block.txt is present, delete them.
Otherwise cbIPfRDP will refuse to start.

====>>>>> MAKE SURE TO RUN cbIPfRDP AS ADMINISTRATOR
Failure to do so will either not work correctly or give error.

1.Launch cbIPfRDP.exe
2.Launch WinFblockIP.exe
3.Observe the contents of the cbIPfRDP window until you get warnings of logon failures.
4.When logon failures occur, close cbIPfRDP and open IPs2Block.txt
5.Select all and copy, then paste into WinFblockIP. It should automatically start and you may see a spam of command window's.
6.If command window says OK, all good. Delete Latest.log and IPs2Block.txt and restart cbIPfRDP.
6b. If you get any error, load up windows firewall and manually block the IP for inbound.
7.All good. Repeat process until login attacks slow.