RDP got Pwned
Comments
-
undomiel Member Posts: 2,818I wouldn't necessarily say pwned just that it got the dictionary thrown at it.Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
-
RobertKaucher Member Posts: 4,299 ■■■■■■■■■■I wouldn't necessarily say pwned just that it got the dictionary thrown at it.
-
Zartanasaurus Member Posts: 2,008 ■■■■■■■■■□This explains why a TE member started a thread a week or so ago about outbound RDP connections.Currently reading:
IPSec VPN Design 44%
Mastering VMWare vSphere 5 42.8% -
Zartanasaurus Member Posts: 2,008 ■■■■■■■■■□lol@ this list of passwords it tries.
admin password server test user pass letmein 1234qwer 1q2w3e 1qaz2wsx aaa abc123 abcd1234 admin123 111 123 369 1111 12345 111111 123123 123321 123456 654321 666666 888888 1234567 12345678 123456789 1234567890
Spaceballs security I guess.Currently reading:
IPSec VPN Design 44%
Mastering VMWare vSphere 5 42.8% -
QHalo Member Posts: 1,488
-
cyberguypr Mod Posts: 6,928 ModJust more proof that the human element is the weakest link. Sad thing is I know a few IT guys who use some of those passwords.
-
Everyone Member Posts: 1,661No vulnerability here, and if you're stupid enough to get infected by this, you may just deserve it.
Using a good strong password easily defeats this.
The other thing is... who in their right mind allows RDP connections from the internet? You should have to VPN into the network, which itself should require at least a good username and password, if not certificates, BEFORE you're allowed to use that port to connect to anything. -
the_Grinch Member Posts: 4,165 ■■■■■■■■■■The Morto worm threat: Use it to improve your security | Security - InfoWorld
This article I found to sum it up very nicely. I'm not happy that it came out, but this definitely makes you look at security in-depth.WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff