DDoS-for-hire services are abusing the Microsoft Remote Desktop Protocol to increase the firepower of distributed denial-of-service attacks that paralyze websites and other online services, a security firm said this week. Typically abbreviated as RDP, Remote Desktop Protocol is the underpinning for a Microsoft Windows feature that allows one device to log into another device over the Internet. RDP is mostly used by businesses to save employees the cost or hassle of having to be physically present when accessing a computer. As is typical with many authenticated systems, RDP responds to login requests with a much longer sequence of bits that establish a connection between the two parties. So-called booter/stresser services, which for a fee will bombard Internet addresses with enough data to take them offline, have recently embraced RDP as a means to amplify their attacks, security firm Netscout said. The amplification allows attackers with only modest resources to strengthen the size of the data they direct at targets. The technique works by bouncing a relatively small amount of data at the amplifying service, which in turn reflects a much larger amount of data at the final target. With an amplification factor of 85.9 to 1, 10 gigabytes-per-second of requests… Read full this story
- Take a look at the Green New Deal before you attack it
- Philippine Clergy Report Death Threats As Duterte Attacks Catholic Church
- The first World Trade Center attack in 1993 killed six people
- Michael Cohen speaks his truth to power
- Trump’s petty fights and insults with CIA will make us all less safe
- Can Jay Inslee make the 2020 election solely about climate change?
- Europe fines Google $1.7B for abusing its dominant role in online advertising
- POLITICO Playbook: Dems prep next attack
- Power doesn't corrupt. It exposes leaders as they really are.
- 'Tom Clancy's The Division 2' makes nation's capital a battle zone
DDoSers are abusing Microsoft RDP to make attacks more powerful have 297 words, post on arstechnica.com at January 23, 2021. This is cached page on IT Breaking News. If you want remove this page, please contact us.