RDP got Pwned
Comments
-
undomiel
Member Posts: 2,818
I wouldn't necessarily say pwned just that it got the dictionary thrown at it.Jumping on the IT blogging band wagon -- http://www.jefferyland.com/ -
RobertKaucher
Member Posts: 4,299 ■■■■■■■■■■
Correct, poor choice of words. Typical stuff. Use strong passwords and change the default port.I wouldn't necessarily say pwned just that it got the dictionary thrown at it. -
Zartanasaurus
Member Posts: 2,008 ■■■■■■■■■□
This explains why a TE member started a thread a week or so ago about outbound RDP connections.Currently reading:
IPSec VPN Design 44%
Mastering VMWare vSphere 5 42.8% -
Zartanasaurus
Member Posts: 2,008 ■■■■■■■■■□
lol@ this list of passwords it tries.
admin password server test user pass letmein 1234qwer 1q2w3e 1qaz2wsx aaa abc123 abcd1234 admin123 111 123 369 1111 12345 111111 123123 123321 123456 654321 666666 888888 1234567 12345678 123456789 1234567890
Spaceballs security I guess.Currently reading:
IPSec VPN Design 44%
Mastering VMWare vSphere 5 42.8% -
QHalo
Member Posts: 1,488
-
cyberguypr
Mod Posts: 6,928 Mod
Just more proof that the human element is the weakest link. Sad thing is I know a few IT guys who use some of those passwords. -
Everyone
Member Posts: 1,661
No vulnerability here, and if you're stupid enough to get infected by this, you may just deserve it.
Using a good strong password easily defeats this.
The other thing is... who in their right mind allows RDP connections from the internet? You should have to VPN into the network, which itself should require at least a good username and password, if not certificates, BEFORE you're allowed to use that port to connect to anything. -
the_Grinch
Member Posts: 4,165 ■■■■■■■■■■
The Morto worm threat: Use it to improve your security | Security - InfoWorld
This article I found to sum it up very nicely. I'm not happy that it came out, but this definitely makes you look at security in-depth.WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff
