Dear all,
Sorry if this already been answered. I spent an hour on the forum to search, but didn't find something useful.
The question, I believe many already asked, is: when you left your Windows Server 2008 on the Internet, serving IIS, FTP, Remote Desktop, etc., you'll see lots of attack (i.e. trying to login with Brute Force). Although I could get these IP address from Security log, and then add it into Firewall block list, it's manual work.
How about something magic that detect this and auto block this IP on everything for, say 5 mins?
Best regards,
dong