CyberSecC@ptBlackb3ard
  • 🦜Welcome
  • Cyber Security
    • Offensive Security
      • Penetration Testing Methodology
      • Pre-Engagement Interaction
      • Reconnaissance (Information Gathering)
        • Open-Source Intelligence (OSINT)
      • Scanning and Enumeration
        • Domain Enumeration
        • Network Enumeration
          • Network Mapper (nmap)
          • Port/Protocol & Service Enumeration & Attack
            • File Transfer Protocol (FTP): 20, 21
              • Trivial File Transfer Protocol (TFTP): 69
              • FTP over SSL/TLS (FTPS): 989, 990
            • Secure Shell (SSH): 22
            • Telnet: 23
            • Simple Mail Transfer Protocol (SMTP): 25
              • SMTP Secure (SMTPS): 587
            • Domain Name System (DNS):53
            • Dynamic Host Configuration Protocol (DHCP): 67, 68
            • Hyper Text Transfer Protocol (HTTP): 80
              • HTTP over SSL/TLS (HTTPS): 443
            • Kerberos: 88
            • Post Office Protocol version 3 (POP3): 110
            • Network Time Protocol (NTP): 123
            • Remote Procedure Call (RPC): 135
            • NetBIOS: 137, 138, 139
            • Internet Message Access Protocol (IMAP): 143
            • IMAP over SSL/TLS: 933
            • Internet Relay Chat (IRC): 194
            • Light Weight Directory Access Protocol (LDAP): 389
              • LDAP over SSL/TLS (LDAPS): 636
            • Server Message Block (SMB): 445
              • Hostname
              • Shared Folders
            • Network File System (NFS): 2049
            • Microsoft SQL Server: 1433
            • MySQL Server: 3306
            • PostgreSQL Server: 5432
            • Remote Desktop Protocol (RDP): 3389
            • Border Gateway Protocol (BGP): 179
            • Remote Authentication Dial-In User Service (RADIUS): 1812, 1813
        • Web Enumeration
      • Security Assessment Report Writing
      • Tools
        • Cryptography & Encoding
          • Password Recovery
        • Network Tools
  • Networking
    • OSI and TCP/IP Model
      • Common Network Ports & Protocols
  • Cloud
    • Cloud Computing
  • General
    • Cyber Security Theory
      • Information Security
      • Cybersecurity Resilience
      • Cybersecurity Posture
    • Terms and Acronyms
    • Database Cheat Sheets
Powered by GitBook
On this page
  1. Cyber Security
  2. Offensive Security
  3. Scanning and Enumeration
  4. Network Enumeration
  5. Port/Protocol & Service Enumeration & Attack

Remote Desktop Protocol (RDP): 3389

Security Weaknesses

  • Vulnerable to brute force attacks on login credentials.

  • RDP hijacking by exploiting unpatched systems.

  • Risks from unauthorized access due to misconfigurations.

Security Defense and Mitigation Measures

  • Enforce multi-factor authentication (MFA) for RDP access.

  • Restrict RDP access to specific IP addresses via a firewall.

  • Regularly update RDP servers and disable unused accounts.

Indicators of Compromise or Attack

  • Multiple failed login attempts on port 3389 (TCP).

  • Unauthorized RDP sessions from unexpected IPs.

  • Abnormal system changes or file access during RDP sessions.

PreviousPostgreSQL Server: 5432NextBorder Gateway Protocol (BGP): 179

Last updated 5 months ago