Jump to content

Eset RDP Brute Force Protection?


itman
 Share

Recommended Posts

As far as I am aware of, Eset has no protection against it.

On the other hand, Kaspersky's IDS has included it since 2014 on all product lines where IDS is included: https://www.kaspersky.com/blog/a-multiheaded-battering-ram-rdp-bruteforce-attacks-on-the-rise/14971/

Link to comment
Share on other sites

  • Most Valued Members

It would be much useful to know that the RDP is being brute-forced , and much more if the attempts would be blocked till the user apply any kind of other prevention like firewall or changing password or account lock-out.

Link to comment
Share on other sites

  • Most Valued Members
7 hours ago, Marcos said:

EIS+ESSP as well as business products v7+ protect from brute-force attacks by Network protection.

Does this include RDP?

Link to comment
Share on other sites

  • Most Valued Members
10 minutes ago, Marcos said:

Yes, it also covers SQL and SMB brute-force attacks.

Does that apply also to File Security ? , and it would be very nice addition the advanced machine learning settings for File Security , because too much files would just come through the servers.

Link to comment
Share on other sites

  • Administrators
10 minutes ago, Rami said:

Does that apply also to File Security ? , and it would be very nice addition the advanced machine learning settings for File Security , because too much files would just come through the servers.

Yes, EFSW v7.x has it as well.

Link to comment
Share on other sites

  • Most Valued Members
2 minutes ago, Marcos said:

Yes, EFSW v7.x has it as well.

Ok thank you very much , I will just wait for the advanced machine learning settings that came to the endpoints and consumer products , it would be much useful for 0-day threats or never seen before threats.

Link to comment
Share on other sites

9 hours ago, Marcos said:

EIS+ESSP as well as business products v7+ protect from brute-force attacks by Network protection.

I was aware that a RDP setting existed in Eset IDS. However per Eset online help, it only covers:

Quote

Protocol RDP –  Detects and blocks various CVEs in the RDP protocol (see above).

https://help.eset.com/eis/13/en-US/idh_config_epfw_advanced_settings.html

As far as I am aware of, CVE's only pertain to known hardware/software vulnerabilities. A brute force RDP attack does not fall into this category to my best knowledge.

Link to comment
Share on other sites

Maybe the way to proceed is to verify Eset's RDP brute force password protection. For anyone using RDP, here is an article listing a number of RDP brute force attack tools that are readily available for penetration testing: https://resources.infosecinstitute.com/popular-tools-for-brute-force-attacks/

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...