Sunday, September 11, 2011

Improve PC Security by Changing the RDP Port

To protect against bots and script kiddies, the RDP port must be changed. When Remote Desktop is enabled, additional precautions must be taken to minimize the possibility of malware infection and hacking. If the tech at a software company can remotely operate your computer, then so can anybody else with the knowledge and ability.

The Remote Desktop Protocol (RDP) drives Remote Desktop Services through port 3389 by default, so any Remote Desktop connection is made through port 3389. Changing the RDP port enhances security because bots and script kiddies are designed to target port 3389. For this to be truly effective, implement a strong account lockout policy. This defends against the use of RDP to obtain the administrator password. If the password is attainable due to the absence of an account lockout policy, then the RDP port can be found regardless of what it has been changed to. Changing the default RDP port is achieved through a simple registry hack.

The Registry Hack

Run regedit from the Start menu to open the Registry Editor. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp. Find the PortNumber DWORD and right-click it.
Select Modify. Alter the base to Decimal and enter the new port number with a value between 1025 and 65535, as long as the port is not in use. Click OK.
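The same registry edit can be scripted. The following PowerShell function is an added example, not part of the original post: it enforces the 1025 to 65535 range, refuses a port that is already listening, and adds an inbound firewall rule for the new port. It assumes an elevated session on Windows 8 / Server 2012 or later; the function name, the firewall rule name and the sample port 50389 are hypothetical.

```powershell
# Added example: scripted form of the registry edit described above.
# Assumes an elevated session and Windows 8 / Server 2012 or later
# (Get-NetTCPConnection and New-NetFirewallRule are not available before that).
function Set-RdpPort {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)]
        [ValidateRange(1025, 65535)]   # range given in the article
        [int]$Port
    )

    $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
    $current = (Get-ItemProperty -Path $key -Name PortNumber).PortNumber
    if ($current -eq $Port) {
        Write-Output "RDP is already configured for port $Port; nothing to do."
        return
    }

    # "As long as the port is not in use": refuse a port another service listens on.
    $inUse = Get-NetTCPConnection -State Listen -LocalPort $Port -ErrorAction SilentlyContinue |
        Select-Object -First 1
    if ($inUse) {
        throw "Port $Port is already in use by process ID $($inUse.OwningProcess)."
    }

    if ($PSCmdlet.ShouldProcess($key, "Change PortNumber from $current to $Port")) {
        # The built-in Remote Desktop firewall rules cover 3389 only, so allow the new port.
        # The rule name is hypothetical.
        New-NetFirewallRule -DisplayName "Remote Desktop (TCP $Port)" -Direction Inbound `
            -Protocol TCP -LocalPort $Port -Action Allow | Out-Null

        Set-ItemProperty -Path $key -Name PortNumber -Value $Port -Type DWord
        Write-Output "PortNumber changed from $current to $Port. Reboot to apply the change."
    }
}

# Constructed sample value; -WhatIf shows what would change without writing anything.
Set-RdpPort -Port 50389 -WhatIf
```

Remove `-WhatIf` to apply the change. The current account lockout settings can be reviewed with `net accounts`.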

The Software Hack

The Microsoft Fix It Wizard can also be used to change the RDP port. Download the free utility from the Microsoft website and run it. Click Next to initiate the Wizard. A PortNumber screen will be presented. Enter the value of an unused port that you want to use as the new RDP port. Again, the value must be between 1025 and 65535. Click Next and you are done.
Reboot the system to put the changes into effect.
The next time you connect to your system with RDP, you will have to provide the new port number. Be sure that you write it down in a safe place so you do not forget it. In the Remote Desktop client, append a colon after the IP address or the host name and enter the port number after the colon. This will set everything up to operate normally.


via : Ghacks