Taking Things for Granted – The RDP Attack.

Before we start, a story. When I created my first web server, I’d found a copy of Windows NT Server 4.0, upgraded it to Service Pack 6a to get IIS enabled, opened port 80 on the router and viola, working webserver. This was 2001 and unfortunately my creation of a webserver coincided with the spread of the Code Red virus, and it reached my server within days of it being online.

Not knowing at the time, and thinking it was a one off, formatted the hard drive and completed the whole setup again. A day passed before the virus was back. Now with the knowledge of what was happening and wary of it happening again. I rebuilt the server and this time put the website behind port 8080, this time the virus never returned.

I thought to myself that this was security through obscurity, and with the victory over Code Red, was something I held onto for many years.

I applied this method when it came to opening RDP access to the outside world, choosing a seemingly obscure port 8021 on each network setup. However, I’ve been dealt a wakeup call following what I’ve just seen…

Continue reading “Taking Things for Granted – The RDP Attack.”