Re: I was "hacked" via RDP
I had a discussion once about the concept of doubling the time between login attempts:
start with a 1 second re-try and double the time for every wrong login attempt. Has anybody ever implemented this?
That's what a good BOFH would do
WITH THE ADDITION of a "bandwidth throttle" the more failed attempts, the more that specific IP or connection will be throttled.
Hopefully the attacker will give up in despair after increasing timeouts and a connection that get progressively slower.
Come to think of it, if it was possible to do a GPO where your timeout increases the more incorrect passwords you type, I will implement it most definitely.