Ways to protect myself from unauthorized remote access

[IllBeTheJudge]

Hiya

Whilst troubleshooting another issue, I noticed that overnight there are dozens of attempts to log onto my machine remotely (all failing)

I checked my router logs and saw a couple of different IP addresses trying to access my PC remotely. Tracing these IPs probably revealed nothing, but reportedly they were coming out of South Korea and China

Although at times I might need to remotely access my machine from "anywhere", for now I have blocked all access to remote desktop apart from a few known good addresses (such as from my work IP address) but just wondering what others might consider best practices in regards to protecting themselves from unauthorized remote desktop access? Is there other software I should look into, or other means that might already be at my disposal (using Windows 7 Professional, but not expecting a lot the OS to do about it)

I am running Kaspersky Internet Security 12, so would I be better off blocking access from there, or at the router level itself?

 

[Maguscreed]

It's likely just some script kiddie port scanning looking for a open system.
It's not uncommon to get a few hits or clusters of them now and then.
If it's constant you can consider it a focused attack.
I think you're just getting port scanned though. and kapersky should be adequate.
The only reason I don't say do it at the router is it can mess with some online games.
If you don't game at all you could go ahead and just tell your router not to respond to them.

 

[Qdos]

Just set your LAN side of the router to ignore all pings and scans, but actively defend against DOS attacks, and make sure its firmware is up to date.

If you need access from your workplace set up VPN.

In Windows ensure the firewall is on, and the inbound rules cover everything. Ensure your updates are kept on schedule, and consider turning off Remote Assistance etc.

If you go to this forums Tutorial Section you'll find many more tips

 

[IllBeTheJudge]

Thanks Maguscreed and Qdos

The attempts have been happening a lot (just re-checked the Event log) so I have restricted access to port 3389, and created a VPN, and when I am next in the office I will see how that goes

Pings were already being ignored and DoS attacks monitored also. Remote Assistance is switched off also, so now I'll just see how things go and monitor logs

Thanks for the assistance

 

[Infinite]

You could use a Firewall like Comodo Firewall or enable the default built in one.

A good Anti-Virus and Anti-Malware like MSE (you won't need this since you already have Kaspersky) but Malwarebytes or SuperAntiSpyware will also help run with Kaspersky.

You could also disable Remote Registry by opening up services.msc (from a run box or the Start Menu Search) and head over to Remote Registry, stop it if you haven't already. Right Click and select Properties, change the Startup type to Disabled

For extra protection you could install WOT or another site advisor for your Browser and FlashBlock with NoScript could also help to block Malicious sites.

 

[IllBeTheJudge]

Thanks for that Infinite

I have MalwareBytes and run that fairly regularly
I used to have SuperAntiSpyware but ran into some compatibility issues at some stage (from memory, issues with it AND Kaspersky running)

I'll look into those other suggestions of yours too, appreciate the time and effort