Categories

Defending Windows Remote Desktop (RDP) against Hydra Brute Force Attacks - For Educational Use ONLY!

Published: 04 January 2022
on channel: LS111 Cyber Security Education
5,600
143

PLEASE NOTE: All information, techniques and tools showcased in these videos are for educational and ethical penetration testing purposes ONLY and is intended for individuals aspiring towards a career in cyber security either as a penetration tester or a network defender/analyst. NEVER attempt to use this information to gain unauthorized access to systems without the EXCPLICIT consent of its owners. This is a punishable offence by law in most countries.

Hey all and welcome back to my channel! In this lab I will show you how to perform a basic Nmap port scan against a Windows 10 host to assess for any open RDP ports. We will then user a popular tool installed on Kali Linux called Hydra, to attack and brute force the username and password of the RDP account on the Windows machine. I will also show you how to setup a lock out security policy on the Windows machine to help prevent these types of brute force attacks, and discuss a few alternative mitigation techniques, such as using a firewall, VPN and strong passwords.

As always, this is for educational purposes ONLY, so please don't try any of these tools or techniques outside of your lab environment, unless you have the explicit permission of the system owner do perform such penetration tests.

I Hope that you enjoy this video, and if you do it would be much appreciated if you like and subscribe!

🔗LINKS🔗

Hydra - https://www.kali.org/tools/hydra/
About RDP - https://en.wikipedia.org/wiki/Remote_...
NMAP - https://nmap.org/

CHAPTERS -
00:00 - Intro
00:21 - What is Remote Desktop Protocol (RDP)?
01:10 - Running Nmap to assess the open ports
02:42 - Using Hydra to launch the Attack
03:57 - Testing/login with the discovered credentials using Remmina
04:50 - Setting up the Account Lockout Security Policy
07:05 - Testing Hydra after the Lockout Policy has been set
08:11 - Other attack mitigation techniques
08:46 - Wrap up/Summary
09:15 - Outro

NOTE: I am not sponsored by or affiliated to any of the products or services mentioned in this video, all opinions are my own based on personal experiences.



#Hydra #Cybersecurity #Education

play_arrow
216
0

II Всероссийский фестиваль традиционной Аюрведы и Йоги — AreYouVedic

II Всероссийский фестиваль традиционной Аюрведы и Йоги — AreYouVedic
play_arrow
25
10

How To Solve You Have Exceed The Maximum Numbers Of Video layers In Kinemaster 2020 | Only One Click

How To Solve You Have Exceed The Maximum Numbers Of Video layers In Kinemaster 2020 | Only One Click
play_arrow
123,876
794

Looking For That Girl ~ Tim McGraw *lyrics*

Looking For That Girl ~ Tim McGraw *lyrics*
play_arrow
590
4

А какой паспорт вы бы хотели себе?

А какой паспорт вы бы хотели себе?
play_arrow
52
1

КАК НЕ БЫТЬ ОБМАНУТЫМ В КРИПТОВАЛЮТНОМ МИРЕ? Заглавное видео 📊

КАК НЕ БЫТЬ ОБМАНУТЫМ В КРИПТОВАЛЮТНОМ МИРЕ? Заглавное видео 📊
play_arrow
1,624
51

Living Abroad in Barcelona: The Real Truth & If It’s Really Worth It

Living Abroad in Barcelona: The Real Truth & If It’s Really Worth It
play_arrow
785
10

Se você plantar uma sementinha. Apresentação infantil.

Se você plantar uma sementinha. Apresentação infantil.
play_arrow
610,845
568

drukwerk je loog tegen mij

drukwerk je loog tegen mij
Related
play_arrow
Zenarmor 1.16: Your Ultimate Weapon for Unbeatable Cyber Security Protection

Zenarmor 1.16: Your Ultimate Weapon for Unbeatable Cyber Security Protection
play_arrow
Unleashing the Power of Zenarmor, ELK & Community ID - Hunting for Cyber Threats

Unleashing the Power of Zenarmor, ELK & Community ID - Hunting for Cyber Threats
play_arrow
The shocking truth behind migrating from pfSense to OPNsense - Important contemplation before you do

The shocking truth behind migrating from pfSense to OPNsense - Important contemplation before you do
play_arrow
Demystifying Zenarmor and Datadog SIEM Integration: The Ultimate MSSP and Business User's Guide

Demystifying Zenarmor and Datadog SIEM Integration: The Ultimate MSSP and Business User's Guide
play_arrow
Zenarmor 1.15 just released🔥- New features and UI improvements!

Zenarmor 1.15 just released🔥- New features and UI improvements!
play_arrow
Wazuh SIEM & Zenarmor NGFW Integration using Syslog

Wazuh SIEM & Zenarmor NGFW Integration using Syslog
play_arrow
Zenarmor 1.14 just launched! 🚀- BIG OPNsense visual & functional dashboard improvements.

Zenarmor 1.14 just launched! 🚀- BIG OPNsense visual & functional dashboard improvements.
play_arrow
How to Integrate Zenarmor with Microsoft Active Directory - MSP and Business Users Guide

How to Integrate Zenarmor with Microsoft Active Directory - MSP and Business Users Guide
play_arrow
How to Integrate Wazuh & TheHive - Virtual Lab Building Series Ep: 13

How to Integrate Wazuh & TheHive - Virtual Lab Building Series Ep: 13
play_arrow
Zenarmor INSIDER NEWS - Netmap driver improvements & why the company changed its name

Zenarmor INSIDER NEWS - Netmap driver improvements & why the company changed its name
play_arrow
How to create an L2 bridge using Netplan & install Zenarmor on Ubuntu 22.04

How to create an L2 bridge using Netplan & install Zenarmor on Ubuntu 22.04
play_arrow
What's new in Zenarmor 1.13 - An MSP & Enterprise decision-makers guide

What's new in Zenarmor 1.13 - An MSP & Enterprise decision-makers guide
play_arrow
How VirtualBox 7.0 networking works - NAT, NAT Network, Internal Network, Bridged Adapter

How VirtualBox 7.0 networking works - NAT, NAT Network, Internal Network, Bridged Adapter
play_arrow
Improve your cyber security using Zenarmor - an MSPs guide to creating value & income streams

Improve your cyber security using Zenarmor - an MSPs guide to creating value & income streams
play_arrow
How to use a cloud-deployed Zenarmor SWG to secure cloud resources & users in a SASE architecture.

How to use a cloud-deployed Zenarmor SWG to secure cloud resources & users in a SASE architecture.
play_arrow
How to benefit from Zenarmor NGFW protection anywhere using OPNSense and Zerotier

How to benefit from Zenarmor NGFW protection anywhere using OPNSense and Zerotier
play_arrow
How to enable Cortex analyzers - Virtual Lab Building Series: Ep12

How to enable Cortex analyzers - Virtual Lab Building Series: Ep12
play_arrow
UPDATED - TheHive, MISP & Cortex Integration - Virtual Lab Building Series: Ep11.5

UPDATED - TheHive, MISP & Cortex Integration - Virtual Lab Building Series: Ep11.5
play_arrow
How to use CrowdSec on OPNSense including a NAXSI WAF integration.

How to use CrowdSec on OPNSense including a NAXSI WAF integration.
play_arrow
OPNSense - Web Application Firewall (WAF) configuration using NAXSI

OPNSense - Web Application Firewall (WAF) configuration using NAXSI
play_arrow
DNS Over TLS on OPNSense - Extra Online Privacy Using Encryption

DNS Over TLS on OPNSense - Extra Online Privacy Using Encryption
play_arrow
Zenarmor Next-Gen Firewall - Exploring the advanced security features & paid subscription

Zenarmor Next-Gen Firewall - Exploring the advanced security features & paid subscription
play_arrow
How to Integrate Cortex & MISP with TheHive in your SOC - Virtual Lab Building Series: Ep11

How to Integrate Cortex & MISP with TheHive in your SOC - Virtual Lab Building Series: Ep11
play_arrow
TheHive, Cortex & MISP Installation Using Docker Compose - Virtual Lab Building Series: Ep10

TheHive, Cortex & MISP Installation Using Docker Compose - Virtual Lab Building Series: Ep10