Reply to post: Re: Rds on the internet

Attacks against Remote Desktop Protocol endpoints have exploded this year, warns ESET's latest Threat Report

Anonymous Coward
Anonymous Coward

Re: Rds on the internet

>It is about the same level of security as a curtain would offer.

Quite, but it is still extremely common to deploy an RDP-enabled GUI-driven box at the edge of a cloud environment to act as a human-friendly edge machine. This is commonly, stupidly called a "bastion", usually based on the clever tricks windows RDP can do in terms of preventing multiple logons, controlling clipboard access and so on.

I'm surprised RDP-centric attacks have taken this long to take off. Even if you shouldn't put them on the internet, plenty of people will through ignorance or error. Even if they don't they're always a very promising target to move sideways and potentially increase your privileges, because of that common role in mediating boundary security.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon