New worm targeting weak passwords on Remote Desktop connections (port 3389)

Discussion in 'malware problems & news' started by ronjor, Aug 29, 2011.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,772
    Location:
    Texas
    https://blogs.technet.com/b/mmpc/ar...-on-remote-desktop-connections-port-3389.aspx
     
  2. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Thanks Ron. I tested my password (not same one, but similar string of letters, numbers and symbols) and found it would take 1.3 billion years to crack. In the future it may take only nanoseconds.
     
  3. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    2,825
    Thanks for the heads up Ron.
     
  4. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    Last edited by a moderator: Aug 29, 2011
  5. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,853
    I wonder how on earth we're supposed to have secure systems if computational power keeps growing but our memory power does not. Not all systems can have anti-brute force implementations and as far as I know, there's yet to be an anti-brute force system created that doesn't have negatives.
     
  6. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Passwords are going to have to go away eventually.
     
  7. wat0114

    wat0114 Guest

    Sort of interesting, but once again...*yawn* so easy to prevent; Firewall restrictions, SRP, AppLocker, anti-execuatble, LUA, common sense... strong passwords. They don't have to be 150 characters in length. Just strong.
     
  8. x942

    x942 Guest

    computational power isn't increasing THAT fast. A 64 character password using every ASCII set has more permutations than a 256bit symmetric key. The likely hood of it being cracked in your (or my) lifetime is very slim. That is unless a true quantum computer is invented which is unlikely as well.
     
  9. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Another reason not to use weak passwords (as if we didn't have enough).
     
  10. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,772
    Location:
    Texas
    https://blogs.technet.com/b/mmpc/archive/2011/08/29/more-on-morto.aspx
     
  11. axial

    axial Registered Member

    Joined:
    Jun 27, 2007
    Posts:
    477
    Does turning off allowing Remote Assistance (in Win7 (ultimate) Control Panel>System>Advanced System Settings, Remote Tab, uncheck Allow Remote and also check "Don't allow connections" in the bottom half of the dialog) do anything to mitigate possible infections or effects from this worm?
     
  12. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,050
    Location:
    USA
    This is why you don't use port 3389. ;)
     
Loading...
Thread Status:
Not open for further replies.