Ah, so you guys are the reason why the drive-by botnets that hit the ranges at work test for port 3389 to be open. They clear and enumerate a /16 in a few seconds, its nuts.
I figured it was just a leftover port like 445 from the days when people actually plugged in directly, but guess they still find enough open that its worth cycling through the laundry list of windows exploits for anyone behind on their patches. (patch tuesday = exploit wednesday) Probably overdue for another 0day anyways.
PS you're crazy if you have services meant for trusted LANs forwarded to your WAN on the same ports no less.
When I stopped caring about super quiet: E5 1680v2 @ 4.5Ghz, 980ti, i750 SSD - JS9500 & Dell P2715Q for dual 4k@60 because reasons
SAN shares over 56Gb infiniband, microcenter + fleabay = severe risks to my wallet