ddrueding
Fixture
https://threatpost.com/en_us/blogs/new-worm-morto-using-rdp-infect-windows-pcs-082811
Seems to only be a dictionary attack against the default port (3389). So have good passwords and don't use the default port.
The port can be changed in the registry here:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber
Seems to only be a dictionary attack against the default port (3389). So have good passwords and don't use the default port.
The port can be changed in the registry here:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber