mobileFX Spartan RDP Guard
In This Topic
    Spartan RDP Guard
    In This Topic

    mobileFX Spartan RDP Guard is an intrusion detection system (IDS) and host-based intrusion prevention system (HIPS), implemented as a Windows Service.

    The service subscribes to Windows Security Event Log and audits failed Remote Desktop Protocol (RDP) login attempts in real-time.

    For every failed login attempt it immediately creates an Instant Windows Firewall Block Rule blocking the remote IPv4 address that failed to login.

    The service has an allow-list and a DynDNS-list that are used as block exclusion lists. Normally you set your own IPv4 addresses or domain names in those lists.

    On regular intervals, instant rules are consolidated into a single mobileFX Spartan RDP Guard Rule, thus keeping your Firewall organized.

    Key Features:

    Command Line Interface / Service

     Spartan can run either as a Windows Service or from command line.



    User Interface

    When Spartan starts it displays and SVG world map colored in shades of red for Attacks and in shades of purple for Blocked IP addresses.

    You can change view between attacks and blocked IP addresses from the radio boxes on the top-left of the map.

    The map is interactive and you can zoom and tilt on it. When connected to Spartan service, the map displays in real-time the attacks to your server in vivid red color.


    In Attacks Log you can query Spartan database for attacks that occurred during a date range or for attacks from a specific country.

    In Blocked IPs page you can view, add or remove IP addresses from the block list.


    You can add bulk IP addresses to Block-list by right-click on the list and selecting the Add Records command. The input dialog is equiped with IPv4 regular expression that can extract any IPv4 address from any text stream.

    The extracted IP addresses are displayed in the Parsed tab.


     From Spartan UI by choosing Service > Edit Configuration  you can change several service settings.



    The consolidated Windows Firewall Rule used by Spartan:



    See Also