Re: Rds on the internet
>It is about the same level of security as a curtain would offer.
Quite, but it is still extremely common to deploy an RDP-enabled GUI-driven box at the edge of a cloud environment to act as a human-friendly edge machine. This is commonly, stupidly called a "bastion", usually based on the clever tricks windows RDP can do in terms of preventing multiple logons, controlling clipboard access and so on.
I'm surprised RDP-centric attacks have taken this long to take off. Even if you shouldn't put them on the internet, plenty of people will through ignorance or error. Even if they don't they're always a very promising target to move sideways and potentially increase your privileges, because of that common role in mediating boundary security.
Biting the hand that feeds IT
