Change Remote Desktop RDP Port

Microsoft Windows 10 Windows 11 Windows 7 Windows 8 Windows Server Windows Vista
Posted August 2011 by Steve Sinchak

Port 3389 is the home of the remote desktop protocol that powers Remote Desktop Services on all modern versions of Windows.  If your system has Remote Desktop enabled, it is listening for connections on port 3389.  Since this port is both well known and can be used to attack accounts, it is low hanging fruit for script kiddies and bots looking for an easy target.

Theoretically on a system that does not have an account lockout policy in place, which by the way is not a system default, the RDP protocol can be used to get the administrator password with brute force.  Brute force is a fancy way of saying trying all possible passwords.  If the system never locks out the account then time is the only barrier to eventually getting you password and logging in.

The first defense is to implement a good account lockout policy but that does not solve the entire problem.  Any administrator of a public facing Windows web server will notice that their server is continiously attacked by bots looking for an easy target.  The bots will often lock out your accounts which can be very annoying.

To protect your system from the bots and script kiddies I always reccomend changing the default RDP port.  This will not fool an intelligent attacker but it will weed out the noise.

Follow these steps to change the Remote Desktop server port:

  1. Open up Registry Editor by clicking on the Start Button, type in regedit and then hit Enter.
  2. In Registry Editor, navigate to HKEY_LOCAL_MACHINE, SYSTEM, CurrentControlSet, Control, Terminal Server, WinStations and RDP-Tcp.
  3. Right click on the PortNumber dword and select Modify.
  4. Change the base to Decimal and enter a new port between 1025 and 65535 that is not already in use.
  5. Click OK and reboot.

Make sure to reboot to activate the change.

Keep in mind that the next time you want to connect to your system with RDP you will need to provide the port number.  You can do that from the Remote Desktop client by appending a colon after the host name or ip address followed by the port number.  For example, if I have a computer with host name of tweak with RDP running on port 1234 I would use tweak:1234 in the remote desktop client hostname field.

Related Posts

Enable iOS AirPrint Support on Windows (and now Macs too)

Windows XP Windows Vista Windows Server Windows 8 Windows 7 Windows 11 Windows 10 Microsoft macOS Apple

In the latest version of iOS Apple included a new feature called AirPrint. Designed to bring native printing support to the iOS platform it can be found on version 4.2 or later on devices such as the iPhone, iPod, and iPad. At launch only a handful of HP wireless printers could be used but with the help of this article it is possible to AirPrint to any printer connected to a Windows computer, including...

Read More

Configure IP Address and DNS from Command Line

Windows Vista Windows Server Windows 8 Windows 7 Windows 11 Windows 10 Microsoft

Would you like to configure the IP address and DNS settings of your Windows PC just using the command prompt?  Rather than click through the user interface, these items can quickly be set with just a few commands.

Read More

Popular Posts

All Tags

11ty Apple Debian Dev Eleventy Home Assistant iOS iOS 6 iOS 7 iPhone Linux Mac macOS Microsoft Office 365 OS X PowerShell Raspbian Ubiquiti Ubuntu UniFi Windows Windows 10 Windows 11 Windows 7 Windows 8 Windows Server Windows Vista Windows XP

Advertisement

Other Cool Sites

Share This Page

Share to RedditReddit
Share to TwitterTwitter
Share to FacebookFacebook
Share to LinkedInLinkedIn
Like us on Facebook