This software uses the Windows firewall to block IP addresses that attempt hacking on Windows server services such as RDP, FTP and SQL-Server.
With BotFence in place, users can configure the program to detect a specific number of failed login events. If the program detects this number of failed events from the same IP address, the IP address is dynamically listed as blocked in the Windows firewall.
If your Windows server is reachable from the internet and you want certain services (like remote desktop, FTP transfers, or SQL-Server) to be accessible from the outside, then your server is likely to experience hacking attempts. There are numerous automated hacking tools (bots) that actively scan IP address ranges for published services, and when they detect active FTP, RDP, or SQL-Server services, they try hundreds (or even thousands) of frequently-used passwords.
Unfortunately, 'Administrator' (RDP) and 'sa' (superuser for SQL-Server) are the most targeted accounts. The bots will continue to attempt access unless they are successful, potentially causing high server loads.
BotFence offers a solution to this problem by detecting and automatically blocking IP addresses with hacking attempts. In summary, this software is a convenient way to monitor and protect your Windows server services, making it a valuable tool for those in need of additional security measures.
Version 2.15.0002: Bugfix: Malformed Eventlog entries no longer cause the BotFence service to stop