Hackers Exploit Weak Remote Desktop Protocol Credentials
A recent network news story, "Hackers Exploit Weak Remote Desktop Protocol Credentials," said: "Opportunistic attacks against RDP server and endpoint credentials 'have been around for many, many years,' Paul Pratley, head of investigations and incident response at MWR InfoSecurity in London, tells Information Security Media Group. Attackers now often use botnets to automatically search out internet-connected devices with exposed RDP ports and then hammer them with brute-force username and password guesses until their attack tools find a match, he says. Many RDP credential harvesters will then sell this access to others."
I used the NetFlow data collected at one national university to analyze intrusions over RDP in 2011. I found that normal connections, user password guessing, and malicious logins show different regularities. I also found that hackers used RDP to carry out insider intrusions. According to my statistics, most of the intrusions used RDP. I suspected that the hackers stole Facebook user information via this kind of intrusion. That means a Facebook employee might have downloaded an app that was infected with a Trojan horse. The infected computer used RDP to carry out the intrusion and then stole the user information once it had successfully intruded into the server.
DDoS Attacker Targeted Banks, Police, Former Employer
The FBI staff should get a thumbs up from the public. I guess that the FBI investigated the human relationships and then found the hackers. I already described how to guard against UDP flooding attacks and DDoS in my previous comment, so I need not repeat what has been written. A lot of universities and government agencies in Taiwan were attacked by China's cyber warriors because the tension between the two sides has not been eliminated. Some of the units that adopted my suggestion were able to solve the problem of network congestion. I do not plume myself on these achievements. I just want to let you know that the attacking IPs can be found within 5 minutes when the network is under attack. You can only solve this problem by asking your ISP to block those IP addresses on their devices.
You can use an IPS (Intrusion Prevention System) device to conduct experiments. Use software that simulates a DoS attack to generate a number of flows/sessions against the IPS device. You can then observe how CPU usage relates to the number of flows/packets. The x-axis is the number of flows/packets and the y-axis is the CPU usage. You can use the data to plot a graph. If you plot the graph with more data, the result is an approximately linear dependency. Building on this two-dimensional plot, we can add time as the z-axis to find out when the device will crash.
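The experiment above can be reduced to two least-squares fits, shown here as an added example that is not from the original post. The measurements are constructed, and treating 100% CPU as the point where the device fails is an assumption; the function names are hypothetical.

```python
# Added example: constructed measurements, not data from the original post.
# Each tuple: (seconds since test start, flows offered to the IPS, CPU %).
SAMPLES = [
    (0, 10_000, 12.0),
    (60, 20_000, 21.0),
    (120, 30_000, 29.5),
    (180, 40_000, 39.0),
    (240, 50_000, 48.5),
]

def fit_line(xs, ys):
    """Ordinary least squares for y = a + b*x; returns (a, b, r_squared)."""
    n = len(xs)
    if n < 2:
        raise ValueError("need at least two samples")
    mean_x, mean_y = sum(xs) / n, sum(ys) / n
    sxx = sum((x - mean_x) ** 2 for x in xs)
    if sxx == 0:
        raise ValueError("need at least two distinct x values")
    sxy = sum((x - mean_x) * (y - mean_y) for x, y in zip(xs, ys))
    b = sxy / sxx
    a = mean_y - b * mean_x
    ss_res = sum((y - (a + b * x)) ** 2 for x, y in zip(xs, ys))
    ss_tot = sum((y - mean_y) ** 2 for y in ys)
    return a, b, (1 - ss_res / ss_tot) if ss_tot else 1.0

def saturation_estimate(samples, cpu_limit=100.0):
    """Extrapolate where CPU usage reaches cpu_limit (assumed failure point)."""
    times, flows, cpu = zip(*samples)
    a, b, r2 = fit_line(flows, cpu)      # CPU % as a function of flow count
    if b <= 0:
        raise ValueError("CPU usage does not rise with flow count")
    flows_at_limit = (cpu_limit - a) / b
    c, d, _ = fit_line(times, flows)     # flow count as a function of time
    # If the flow count is not growing, the limit is never reached.
    seconds_from_start = (flows_at_limit - c) / d if d > 0 else None
    return {"cpu_per_flow": b, "r_squared": r2,
            "flows_at_limit": flows_at_limit,
            "seconds_from_start": seconds_from_start}

if __name__ == "__main__":
    est = saturation_estimate(SAMPLES)
    print(f"r^2 of CPU-vs-flows fit: {est['r_squared']:.4f}")
    print(f"flows at 100% CPU      : {est['flows_at_limit']:.0f}")
    print(f"seconds from test start: {est['seconds_from_start']:.0f}")
```

A low `r_squared` means the linear assumption does not hold for the device under test, and the extrapolated figures should not be relied on.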
A student who majored in economics took my technical articles to an interview at Purdue University. After the professor read them, the student was admitted to the Department of Electrical and Computer Engineering. The enterprises and government of the U.S.A. have long been intruded upon by hacker groups that stole confidential data. Those incidents caused huge economic damage. You should think about the consequences of being hacked.