New Worm Morto Using RDP To Infect Windows PCs 200
Trailrunner7 writes "A new worm called Morto has begun making the rounds on the Internet, infecting machines via Remote Desktop Protocol. The worm is generating a large amount of outbound RDP traffic on networks that have infected machines, and Morto is capable of compromising both servers and workstations running Windows. Users who have seen Morto infections are reporting in Windows help forums that the worm is infecting machines that are completely patched and are running clean installations of Windows Server 2003."
Re:...or that hate default ports... (Score:4, Insightful)
nonsense, RDP (and most other tcp services) can be quickly scanned and identified on ANY port
Of course if you're serious about security then a port-scan would be logged and blocked. They'd need to compromise multiple machines or scan at a very slow rate in order to be able to get past such a firewall.