GEN:SID 1:2418
Message MISC MS Terminal Server no encryption session initiation attempt
Summary This event is generated when an attempt is made to connect to a
Microsoft Terminal Server without using encryption.
Impact Serious. Denial of Service.
Detailed Information Microsoft Windows Terminal Server for NT systems fails to correctly
validate RDP data from client machines that do not use encryption.
Affected Systems Microsoft Windows Terminal Server
Attack Scenarios An attacker can use one of the publicly available exploit scripts to
cause the DoS.
Ease of Attack Simple. Exploit software exists.
Corrective Action Apply the appropriate vendor supplied patch.
Additional References  
Rule References url: www.microsoft.com/technet/security/bulletin/MS01-052.mspx