News

‘More and more ddos ​​attacks via udp amplification on Remote Desktop Protocol’

By admin
Spread the love

Criminals are increasingly using the Remote Desktop Protocol on Windows to carry out DDOs attacks. For the execution of amplification and reflection attacks, computers are increasingly sought after that protocol is open.

Ddos attackers are increasingly scanning for RDP ports that are open, security company Netscout writes in a report. The attackers thus send udp packets to the udp ports of servers on which the Remote Desktop Protocol is open. According to the researchers, Rdp is only exploited if udp port 3389 is open on the server. Attacking the protocol reinforces a ddos ​​attack, also known as an amplification attack. In such attacks, a small packet can still be used to generate a lot of traffic.

According to Netscout, an amplification attack via rdp has a gain of 85.9. For comparison, a dns amplification attack is one with a factor of 180, and an ntp amplification one with a factor of 550.

The researchers say that rdp amplifications have been added to well-known booters, which can be bought for little money. With such ddos-as-a-service packages, attackers can easily execute ddos ​​without having to arrange the infrastructure themselves. Netscout says that at least 14,000 rdp servers worldwide have their udp port 3389 open. The security company advises companies to take the systems offline or put them behind a VPN.

You might also like
News

EU Council determines position on security requirements for digital products

News

Citrix warns of critical vulnerability in NetScaler ADC and Gateway

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

Telegram has over 800 million active users and is not yet profitable

News

AMD: Intel’s proposal for 64bit-only x86 architecture is very interesting

News

Microsoft releases new font for Word, Outlook, PowerPoint and Excel