cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
366
Views
5
Helpful
2
Replies

Vulnerability in Remote Desktop Protocol (RDP) Could Lead to Denial of Serv

stevem
Level 1
Level 1

I just came across this MS announcement re a DOS vulnerability with RDP. If we have 3389 open for RDP are there any other precautions I can take on my PIX to limit the exposure to this? For instance adding some limitations on the end of my static translation or will the PIX be able to recognize a DOS attack via port 3389 with the default IDS running on it?

Microsoft Security Advisory (904797)

2 Replies 2

owillins
Level 6
Level 6

The TCP intercept feature implements software to protect TCP servers from TCP SYN-flooding attacks, which are a type of denial-of-service attack. The TCP intercept feature helps prevent SYN-flooding attacks by intercepting and validating TCP connection requests.

http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/secur_c/scprt3/scdenial.htm

http://www.cisco.com/warp/public/707/4.html

Right on, thank you. Forgot that we can limit this on a static translation so our server won't take a pounding.