Before we start, a story. When I created my first web server, I’d found a copy of Windows NT Server 4.0, upgraded it to Service Pack 6a to get IIS enabled, opened port 80 on the router and voilà, working web server. This was 2001 and unfortunately my creation of a web server coincided with the spread of the Code Red virus, and it reached my server within days of it being online.
Not knowing at the time, and thinking it was a one-off, I formatted the hard drive and completed the whole setup again. A day passed before the virus was back. Now with the knowledge of what was happening and wary of it happening again, I rebuilt the server and this time put the website behind port 8080; this time the virus never returned.
I thought to myself that this was security through obscurity, and, with the victory over Code Red, it was something I held onto for many years.
I applied this method when it came to opening RDP access to the outside world, choosing a seemingly obscure port 8021 on each network setup. However, I’ve been dealt a wake-up call following what I’ve just seen…