LAST UPDATED: 2022-08-29
Microsoft RDPEUDP is an extension to allow UDP transport for Microsoft Remote Desktop Protocol service (RDP), which by default uses TCP port 3389.
Exposed RDPEUDP services can be used as reflectors in DDoS amplification attacks. The response to the initial request packet is amplified ~28 times, with the protocol sending that response 3 times. As of January 2021, this service has been found to be abused in ongoing network attacks.
The scan was first announced in a January 25th 2021 blog entry here.
For more information on our scanning efforts, check out our Internet scanning summary page.