Your Windows server, operating on a custom network, has an allow firewall rule configured with an IP filter of 0.0.0.0/0 and a protocol/port of tcp:3389. Despite this, the instance logs reveal numerous connection attempts via RDP from various IP addresses, hinting at a potential brute force attack. What modification to the firewall rule could mitigate this issue while still permitting legitimate access?