1

RDP Traps ?

posted
*
by
Avatar
z3bra@lemmy.sdf.org
in
Avatar
cybersecurity@sh.itjust.works
0 comments
hidereport

I’ve recently dug into my firewall logs and the most traffic I seem to receive from internet is targeting port 3389.

While I could just blacklist the source IPs and call it a day, I would like to actually listen on this port and “trap” them in a fake RDP connection.

There are tools like endlessh, and I’ve found that you can do the same for http by sending an endless stream of headers. I would like to do the same for RDP, and before I start digging into the whole spec, I was wondering if there is already something similar for RDP.

Is anyone aware of that ? Is that even a thing ?

Sort:
HotTopControversialNewOld
No comments yet!

Cybersecurity

!cybersecurity@sh.itjust.works

Create post

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

  • Be respectful. Everyone should feel welcome here.
  • No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
  • No Ads / Spamming.
  • No pornography.

Community Rules

  • Idk, keep it semi-professional?
  • Nothing illegal. We’re all ethical here.
  • Rules will be added/redefined as necessary.

If you ask someone to hack your “friends” socials you’re just going to get banned so don’t do that.

Community stats

  • 1

    Monthly active users

  • 16

    Posts

  • 0

    Comments

Community moderators