Steps for addressing unsecure RDP ports include:
- Using a firewall to eliminate RDP access from outside your network
[/*]- Requiring the use of two-factor authentication
[/*]- Configuring endpoint password policies that limit the number of login attempts before locking the account
[/*]- Using a remote access solution that relies on a less common port
[/*]
Given the continuous and concerted use of RDP to compromise MSP networks, it would be wise to eliminate all use of RDP in favor of a more secure commercial alternative.
You should also consider monitoring for network intrusions, looking for multiple failed logon attempts in event logs, which is capable in Windows 10.
https://webrootcom-webroot.com/safe/
