New worm targeting weak passwords on Remote Desktop connections (port 3389)

Thanks Ron. I tested my password (not same one, but similar string of letters, numbers and symbols) and found it would take 1.3 billion years to crack. In the future it may take only nanoseconds.

 

Thanks for the heads up Ron.

 

Virustotal score so far 23/44 (52.3%)

password-storage-101.html

~ Removed Copyrighted Image as per TOS ~

 

I wonder how on earth we're supposed to have secure systems if computational power keeps growing but our memory power does not. Not all systems can have anti-brute force implementations and as far as I know, there's yet to be an anti-brute force system created that doesn't have negatives.

 

Passwords are going to have to go away eventually.

 

Sort of interesting, but once again...*yawn* so easy to prevent; Firewall restrictions, SRP, AppLocker, anti-execuatble, LUA, common sense... strong passwords. They don't have to be 150 characters in length. Just strong.

 

computational power isn't increasing THAT fast. A 64 character password using every ASCII set has more permutations than a 256bit symmetric key. The likely hood of it being cracked in your (or my) lifetime is very slim. That is unless a true quantum computer is invented which is unlikely as well.

 

Another reason not to use weak passwords (as if we didn't have enough).

 

Does turning off allowing Remote Assistance (in Win7 (ultimate) Control Panel>System>Advanced System Settings, Remote Tab, uncheck Allow Remote and also check "Don't allow connections" in the bottom half of the dialog) do anything to mitigate possible infections or effects from this worm?

 

This is why you don't use port 3389.