Reminder: If you've moved RDP to a non-standard port and opened it up to the outside world thinking that'll be safe, think again. Attackers are actively looking for RDP on alternate ports. In the past 24 hours alone, I've logged 110+ hosts attempting RDP auth on 11,850+ ports.
3
5
14
Replying to @tliston
What’s weird to me is that I don’t see similar scanning for SSH on alternate ports.

Feb 5, 2021 · 7:17 PM UTC

1
Replying to @hal_pomeranz
Agreed. I suppose the RDP hackers just have a bit more gumption than the SSH crew... Gotta like bad guys with ambition.
2
I suppose we haven’t had an SSH remote exploit for a while. The same cannot be said of RDP.
1
more replies