Jan 22, 2019

# Ransomware Attack at School Triggers Best Practice Reminders

 
Recently, there was a ransomware incident at a nearby school district. The event occurred through a Remote Desktop Protocol (RDP) session running on the Technology Coordinator's desktop. His machine had a publicly accessible IP address for RDP so he could work from home, etc. Unfortunately, his computer was compromised and subsequently used to attack the district's servers.

If you are using RDP to get access to your network from outside, I recommend the following:
  1. Kill all RDP sessions accessible from outside your internal network. This may require editing your firewall settings to remove the public IP address(es) that point to your RDP computers.
  2. Change your password on any accounts used for accessing public RDP. The approach currently in vogue is to use passphrases rather than passwords.
  3. If you must have remote access, set up a VPN to handle that instead of RDP. Several companies offer secure VPN access.
  4. Do NOT put your own login account into the Domain Admins group.
  5. For internal RDP sessions, do *NOT* save the logon credentials. I know it is a pain, but better safe than sorry. :-)
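
A quick way to check a Windows machine against items 1, 4 and 5 above, as an added example that is not part of the original post. It assumes an elevated PowerShell session, an English-language Windows install (the firewall rule group is named "Remote Desktop"), and the RSAT ActiveDirectory module for the Domain Admins check; `$AccountToCheck` is a placeholder for your own login name.

```powershell
# Added audit sketch for the checklist above; read-only, changes nothing.
# Assumption: $AccountToCheck is a placeholder for your day-to-day login account.
$AccountToCheck = $env:USERNAME

# Item 1: is RDP turned on, and does the host firewall accept it from any address?
# Note: this only inspects the local Windows firewall. A port forward or public IP
# mapping on the perimeter firewall still has to be checked on that device.
$ts = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdpEnabled = ($ts.fDenyTSConnections -eq 0)
"RDP enabled on this host: $rdpEnabled"

$openRules = Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -Enabled True `
        -Direction Inbound -Action Allow -ErrorAction SilentlyContinue |
    ForEach-Object {
        $filter = $_ | Get-NetFirewallAddressFilter
        if ($filter.RemoteAddress -contains 'Any') {
            [pscustomobject]@{ Rule = $_.DisplayName; Profile = $_.Profile; RemoteAddress = 'Any' }
        }
    }
if ($rdpEnabled -and $openRules) {
    'WARNING: inbound RDP rules allow any remote address:'
    $openRules | Format-Table -AutoSize
} else {
    'OK: no enabled inbound RDP rule is open to any remote address.'
}

# Item 4: is the everyday login account a member of Domain Admins?
if (Get-Module -ListAvailable -Name ActiveDirectory) {
    $domainAdmins = Get-ADGroupMember -Identity 'Domain Admins' -Recursive |
        Select-Object -ExpandProperty SamAccountName
    if ($domainAdmins -contains $AccountToCheck) {
        "WARNING: $AccountToCheck is a member of Domain Admins."
    } else {
        "OK: $AccountToCheck is not a member of Domain Admins."
    }
} else {
    'SKIPPED: ActiveDirectory module not installed; check Domain Admins membership manually.'
}

# Item 5: saved RDP logon credentials show up in Credential Manager as TERMSRV/<host>.
$saved = cmdkey /list | Select-String 'TERMSRV/'
if ($saved) {
    'WARNING: saved RDP credentials found for the current user:'
    $saved | ForEach-Object { $_.Line.Trim() }
} else {
    'OK: no saved RDP credentials for the current user.'
}
```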

2 comments:

  1. Thanks for the reminder. I wish it could help against ransomware ;(
