Create account

2109d · Security
replied 2108d
That's a lot of attempts! The amount of people & bots trying to log-in to and hack my website is absurd. It is interesting to see the attempts they use though.
replied 2108d
Are you reporting abusive hosts?
replied 2107d
Where can you report them? I just permanently ban them but I'll look into reporting them as well.
replied 2107d
Lookup WHOIS information and report abusive hosts via e-mail or use online tools such as https://www.abuseipdb.com/report
replied 2107d
Cool, will definitely do that. Will have to dedicate an evening every so often just to go through them all.
replied 2108d
Context? Is it just connected to the internet?
replied 2108d
Remote Desktop connection probing, but it's not even a standard port
replied 2108d
Do you have ports opened to it?
replied 2108d
Yes
replied 2108d
Hope it's just for testing, lol.

Put these kind of services behind a VPN which supports certification based auth and 2FA.
replied 2108d
It's not a desktop - Windows Server 2016
replied 2108d
No difference. Exposing RDP is one of the top reasons for hacks and ransomware infections.
replied 2108d
That's why it's rate limited now (intrusion detection / prevention system)
replied 2108d
That won't save you from the inevitable and upcoming vulnerabilities... Seriously dude, it is retarded to expose RDP.
replied 2108d
RDP is not a problem - people are a problem. Maybe you've heard

replied 2108d
Not sure what's your point there. It's retarded to expose any services that allow root access (RDP/SSH the same).
replied 2108d
The sudo stuff is an escalation bug. RDP had a long string of serious, remotely exploitable vulnerabilities too.
replied 2108d
Hit up any devops/sysadmin forums and ask what they think about opening a port for RDP without any restriction.
replied 2108d
It is restricted.
replied 2108d
If it was adequately restricted then you wouldn't have any hits like shown on the picture.

I get it tho, you're one of those who can't learn from other people's mistakes. 😂
replied 2108d
That's just what happens if restrictions are temporarily disabled.
replied 2108d
Still idiocy, but i'm ok with that too.
replied 2108d
You're a bit paranoid. And there is no sensitive data on my server, if anything happens I can just reinstall.
replied 2108d
I'm experienced not paranoid. Bot armies are looking for weak servers 0/24 which are being used to attack valuable targets...
replied 2108d
Server 2016 is basically a reskinned windows 10 (you can see the xbox servives and other desktop crap in it).
replied 2109d
You use Windows?
replied 2108d
Linux on my desktop, that's WIndows, because Linux doesn't support the hardware
replied 2108d
i have never heard of that before! I thought Linux runs everywhere
replied 2108d
It's just the network adapter