Jump to content

Archived

This topic is now archived and is closed to further replies.

itman

Eset RDP Brute Force Protection?

Recommended Posts

It would be much useful to know that the RDP is being brute-forced , and much more if the attempts would be blocked till the user apply any kind of other prevention like firewall or changing password or account lock-out.

Share this post


Link to post
Share on other sites

EIS+ESSP as well as business products v7+ protect from brute-force attacks by Network protection.

Share this post


Link to post
Share on other sites
7 hours ago, Marcos said:

EIS+ESSP as well as business products v7+ protect from brute-force attacks by Network protection.

Does this include RDP?

Share this post


Link to post
Share on other sites
8 minutes ago, peteyt said:

Does this include RDP?

Yes, it also covers SQL and SMB brute-force attacks.

Share this post


Link to post
Share on other sites
10 minutes ago, Marcos said:

Yes, it also covers SQL and SMB brute-force attacks.

Does that apply also to File Security ? , and it would be very nice addition the advanced machine learning settings for File Security , because too much files would just come through the servers.

Share this post


Link to post
Share on other sites
10 minutes ago, Rami said:

Does that apply also to File Security ? , and it would be very nice addition the advanced machine learning settings for File Security , because too much files would just come through the servers.

Yes, EFSW v7.x has it as well.

Share this post


Link to post
Share on other sites
2 minutes ago, Marcos said:

Yes, EFSW v7.x has it as well.

Ok thank you very much , I will just wait for the advanced machine learning settings that came to the endpoints and consumer products , it would be much useful for 0-day threats or never seen before threats.

Share this post


Link to post
Share on other sites
9 hours ago, Marcos said:

EIS+ESSP as well as business products v7+ protect from brute-force attacks by Network protection.

I was aware that a RDP setting existed in Eset IDS. However per Eset online help, it only covers:

Quote

Protocol RDP –  Detects and blocks various CVEs in the RDP protocol (see above).

https://help.eset.com/eis/13/en-US/idh_config_epfw_advanced_settings.html

As far as I am aware of, CVE's only pertain to known hardware/software vulnerabilities. A brute force RDP attack does not fall into this category to my best knowledge.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...