top of page

On Publishing RDP to the internet

This graph shows the difference between the attacks on a publicly published RDP server, and one that is not published on port 3389. On the left, we have the report from 1 year ago before deciding to close the port, on the right we have the graph on the same address today. Not shown here: the number of attacks have decreased significantly.

Ref: SingCERT advisory "Kaspersky Report on Compromised RDP Servers - "The xDedic Marketplace" In essence a number of public facing IP addresses, notably some in Singapore, are on a list for sale in the black market, presumably because their administrator passwords have been compromised through brute force.

Featured Posts
Recent Posts
Search By Tags
Follow Us
  • Facebook Basic Square
  • Twitter Basic Square
  • Google+ Basic Square
bottom of page