F-Secure warns in their blog about a network worm that takes advantage of Remote Desktop Protocol (RDP) as a way to spread itself. Once this Morto worm has infected the system it starts scanning the local network for machines having Remote Desktop Connection enabled. This thing creates much traffic for RDP port, port number 3389/TCP.
More information about Morto in F-Secure blog and there is also a discussion going on at Microsoft's Technet forums.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment