> For the complete documentation index, see [llms.txt](https://docs.fusion.vectra.ai/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.fusion.vectra.ai/detection-models/library/misconfiguration/msrdp.md). # msrdp **Explanation** A Microsoft Remote Desktop Protocol (RDP) reflection attack is a type of DDoS attack where the attacker sends a forged packet to an open RDP server that causes it to send a large amount of traffic to a target. This traffic overwhelms the target's network, causing it to crash. **What to Look For** When examining the results of the msrdp event, look for any indications of a malicious actor attempting to send forged packets to an open RDP server. This can include a high volume of traffic from a single IP address, as well as packets with unusual characteristics or payloads. Endpoint analysis should focus on any anomalous behavior from RDP clients or abnormal network traffic from the affected device. Remediation measures may include blocking the offending IP address or disabling the RDP service on the targeted device. **Related MITRE ATT\&CK Categories** [Impact: Network Denial of Service, Technique T1498 - Enterprise](https://attack.mitre.org/techniques/T1498) --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.fusion.vectra.ai/detection-models/library/misconfiguration/msrdp.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.