Hacking

Hail Hydra – RDP brute forcing with HYDRA

Securing services requires a broad range of knowledge of operating systems, networking, protocols and offensive capabilities. So I thought I would demonstrate some testing methods to show how a control is effective in blocking certain types of attack, so here’s some offensive and defensive guidance to limit RDP attacks. Please remember this is for educational purposes, do NOT break the law and only use these techniques where you have permission! #whitehat

Overview

This document provides a sample of the internal (white box) testing process and procedure for testing RDP controls against brute force attacks.

Test Objectives

  • Demonstrate only authorised users can access the service
  • Demonstrate Remote Desktop Services has a hardened configuration
  • Demonstrate a brute force attack

Method

  1. Scope Evaluation
  2. Testing
    1. Enumeration
    2. Vulnerably Assessment
    3. Exploitation
  3. Report Results

Read more “Hail Hydra – RDP brute forcing with HYDRA”

Reviews

Defending your cheque book as well as your endpoints

Since almost before time began (ok so 1974 – Rabbit) malware and viruses have existed on computers, since then the volume and level of sophistication of attacks has dramatically increased. You are no longer defending against viruses, you are defending against attacks from a whole range of threat actors. Aside from backups, antivirus is often one of the first and last lines of defence on systems, as such over the years a range of products and services have arisen (and far more opinions) in the antivirus space, so much so that now we have solution stacks named endpoint detection and response. So, to get to the point, the threat landscape is vast (this year alone there has been 6 million new malware samples discovered – https://www.av-test.org/en/statistics/malware/)

A new Superhero?

Windows defender was always an underdog in this space, if you google “Windows 10 defender reviews” you will see a range of star ratings such as, 3 out of 5, 2.5 out of 5, 2 out of five etc.

Security has never been more in focus with business, however there is always a driver to ensure costs are controlled and value is being added, so I thought I would write about Windows 10 defender and look at some of the reasons you may want to drop your 3rd party solution. Read more “Defending your cheque book as well as your endpoints”

Copyright (c) Xservus Limited