1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Audit: RDP BruteForce Attempt

Audit: RDP BruteForce Attempt

Severity: Low

This attack poses a minor threat. Corrective action may not be possible or is not required.

Description

This signature detects RDP Bruteforce attack.

Additional Information

Attackers/Malwares use RDP protocol to bruteforce and gain access to machines. Once access is obtained they proceed to steal or destroy data.

Affected

  • Various Windows Platforms.

Response

Unless otherwise known, any unintended RDP communication in this network traffic should be treated as Malicious. Actions should be taken to suspend and audit the communication and potentially block this network Activity from further communication.

If you want to block this traffic, refer following link:
https://support.symantec.com/en_US/article.HOWTO80883.html
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube