Downloads:

398

Downloads of v 1.0.0:

398

Last Update:

11/10/2016

Package Maintainer(s):

Software Author(s):

  • Tweaking.com

Tags:

tweaking.com Remote Desktop IP Monitor Blocker admin notsilent

Remote Desktop IP Monitor and Blocker (Install)

1.0.0 | Updated: 11/10/2016

Downloads:

398

Downloads of v 1.0.0:

398

Maintainer(s):

Software Author(s):

  • Tweaking.com

Remote Desktop IP Monitor and Blocker (Install) 1.0.0

All Checks are Passing

2 Passing Test


Validation Testing Passed


Verification Testing Passed

Details

To install Remote Desktop IP Monitor and Blocker (Install), run the following command from the command line or from PowerShell:

>

To upgrade Remote Desktop IP Monitor and Blocker (Install), run the following command from the command line or from PowerShell:

>

To uninstall Remote Desktop IP Monitor and Blocker (Install), run the following command from the command line or from PowerShell:

>

NOTE: This applies to both open source and commercial editions of Chocolatey.

1. Ensure you are set for organizational deployment

Please see the organizational deployment guide

  • Open Source or Commercial:
    • Proxy Repository - Create a proxy nuget repository on Nexus, Artifactory Pro, or a proxy Chocolatey repository on ProGet. Point your upstream to https://chocolatey.org/api/v2. Packages cache on first access automatically. Make sure your choco clients are using your proxy repository as a source and NOT the default community repository. See source command for more information.
    • You can also just download the package and push it to a repository Download

3. Enter your internal repository url

(this should look similar to https://chocolatey.org/api/v2)

4. Choose your deployment method:


choco upgrade remote-desktop-ip-monitor-and-blocker -y --source="'STEP 3 URL'" [other options]

See options you can pass to upgrade.

See best practices for scripting.

Add this to a PowerShell script or use a Batch script with tools and in places where you are calling directly to Chocolatey. If you are integrating, keep in mind enhanced exit codes.

If you do use a PowerShell script, use the following to ensure bad exit codes are shown as failures:


choco upgrade remote-desktop-ip-monitor-and-blocker -y --source="'STEP 3 URL'" 
$exitCode = $LASTEXITCODE

Write-Verbose "Exit code was $exitCode"
$validExitCodes = @(0, 1605, 1614, 1641, 3010)
if ($validExitCodes -contains $exitCode) {
  Exit 0
}

Exit $exitCode

- name: Ensure remote-desktop-ip-monitor-and-blocker installed
  win_chocolatey:
    name: remote-desktop-ip-monitor-and-blocker
    state: present
    version: 1.0.0
    source: STEP 3 URL

See docs at https://docs.ansible.com/ansible/latest/modules/win_chocolatey_module.html.

Coming early 2020! Central Managment Reporting available now! More information...


chocolatey_package 'remote-desktop-ip-monitor-and-blocker' do
  action    :install
  version  '1.0.0'
  source   'STEP 3 URL'
end

See docs at https://docs.chef.io/resource_chocolatey_package.html.


Chocolatey::Ensure-Package
(
    Name: remote-desktop-ip-monitor-and-blocker,
    Version: 1.0.0,
    Source: STEP 3 URL
);

Requires Otter Chocolatey Extension. See docs at https://inedo.com/den/otter/chocolatey.


cChocoPackageInstaller remote-desktop-ip-monitor-and-blocker
{
   Name     = 'remote-desktop-ip-monitor-and-blocker'
   Ensure   = 'Present'
   Version  = '1.0.0'
   Source   = 'STEP 3 URL'
}

Requires cChoco DSC Resource. See docs at https://github.com/chocolatey/cChoco.


package { 'remote-desktop-ip-monitor-and-blocker':
  provider => 'chocolatey',
  ensure   => '1.0.0',
  source   => 'STEP 3 URL',
}

Requires Puppet Chocolatey Provider module. See docs at https://forge.puppet.com/puppetlabs/chocolatey.


salt '*' chocolatey.install remote-desktop-ip-monitor-and-blocker version="1.0.0" source="STEP 3 URL"

See docs at https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.chocolatey.html.

5. If applicable - Chocolatey configuration/installation

See infrastructure management matrix for Chocolatey configuration elements and examples.

Private CDN cached downloads available for licensed customers. Never experience 404 breakages again! Learn more...

This package was approved by moderator gep13 on 11/14/2016.

Description

I made this program after seeing brute force attacks on a customers server who had remote desktop enabled and open to the internet. The attacks were trying to brute force the password for the administrator account.

The Windows Event Viewer was not showing which IP address the connections were coming from. They were also coming from multiple locations and hitting at random times during the day and night. So tracking them down with the built in Windows tools was going nowhere.

This that will monitor and log any IP that hits the remote desktop and to be able to block those IP's.

The program will monitor the remote desktop port using the Windows netstat API and keep them in a log for later viewing. The program has a built in block IP tool to easily block any IP address. It does this by using the built in Windows IP Security Policy (IPSec). The drawback is, theprogram can only block IP's, but can not unblock them. To unblock them I have included a guide here: How to remove IP's from the Windows IP Security (IPSec) Added by the Tweaking.com - Block IP Tool

Even though this tool was built for watching the remote desktop port you can use it to watch any single port on the system. So if you have another kind of server running and the port open to the internet you can now log any IP that hits it.

PACKAGING NOTE: Uninstall is NOT silent.


tools\chocolateyinstall.ps1
$ErrorActionPreference = 'Stop'
$packageName= 'remote-desktop-ip-monitor-and-blocker'
$softwareName = 'Tweaking.com - Remote Desktop IP Monitor*'
$installerType = 'EXE'
$toolsDir   = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
$url        = 'http://www.tweaking.com/files/setups/tweaking.com_remote_desktop_ip_monitor_blocker_setup.exe' 
$checksum   = 'C727FA841D6D6A262C4396285BE63361222EBD35A4A15D2FAB410FDD98D069A8'
$silentArgs = '/S'
$validExitCodes= @(0)

$packageArgs = @{
  packageName   = $packageName
  fileType      = $installerType
  url           = $url
  validExitCodes= $validExitCodes
  silentArgs    = $silentArgs
  softwareName  = $softwareName
  checksum      = $checksum
  checksumType  = 'sha256' 
}

Install-ChocolateyPackage @packageArgs  
  

In cases where actual malware is found, the packages are subject to removal. Software sometimes has false positives. Moderators do not necessarily validate the safety of the underlying software, only that a package retrieves software from the official distribution point and/or validate embedded software against official distribution point (where distribution rights allow redistribution).

Chocolatey Pro provides runtime protection from possible malware.

Version Downloads Last Updated Status

This package has no dependencies.

Discussion for the Remote Desktop IP Monitor and Blocker (Install) Package

Ground Rules:

  • This discussion is only about Remote Desktop IP Monitor and Blocker (Install) and the Remote Desktop IP Monitor and Blocker (Install) package. If you have feedback for Chocolatey, please contact the Google Group.
  • This discussion will carry over multiple versions. If you have a comment about a particular version, please note that in your comments.
  • The maintainers of this Chocolatey Package will be notified about new comments that are posted to this Disqus thread, however, it is NOT a guarantee that you will get a response. If you do not hear back from the maintainers after posting a message below, please follow up by using the link on the left side of this page or follow this link to contact maintainers. If you still hear nothing back, please follow the package triage process.
  • Tell us what you love about the package or Remote Desktop IP Monitor and Blocker (Install), or tell us what needs improvement.
  • Share your experiences with the package, or extra configuration or gotchas that you've found.
  • If you use a url, the comment will be flagged for moderation until you've been whitelisted. Disqus moderated comments are approved on a weekly schedule if not sooner. It could take between 1-5 days for your comment to show up.
comments powered by Disqus