Hello, welcome to the Monday, August 24, 2020 edition of the Sandtonet Storm Center's Stormcast.

My name is Johannes Ulrich, and then I'm recording from Jacksonville, Florida.

Last Friday, I wrote a quick post based on a question as came via Twitter from Jack Rysetter, who's famous for his

Darknet Diaries podcast. Now, one thing he asked is, how do you help people that are being

surveilled or that are being stalked by someone? This is an issue that we had come up at the Internet Storm Center

a couple of times where people have reached out to us for help,

and we are always willing to help and eager to help,

but in the past have found that many of these problems go beyond what is just solvable with sort of a quick

technology solution or with helping someone investigate a suspicious machine. You have to be a little

bit careful with some of these situations, particularly if the request comes from a stranger that you haven't met

before, that you know really nothing about. And in this post, I summarize some of the issues

that we have come across and also at the end with the help from readers and from Twitters,

a couple of links with organizations that can help with this

particular problem that sadly is all too common. But what it really fundamentally comes down to,

this is often more than just a technology problem. So it's good and better to ask for help from someone that can look beyond the

technology issue that probably exists here. Now, we all probably have learned by now that

it's not a great idea to expose the Windows RDP service to the public.

So one trick that some administrators play

isn't not a bad idea necessarily,

if you have to expose RDP,

is to move RDP away to a different port

instead of the default port 3,389.

...