If you like me is a big fan of the Windows feature Remote Desktop, you might find this post interesting. I will tell you how you can change the default port for Remote Desktop making it harder for hackers to attack your computer.
What is Remote Desktop?
Remote Desktop is a great built-in service first introduced in Windows XP. It allows users to remote control Windows to perform all kind of tasks. Because it is a built-in feature, it is also a bit target for hackers. As per default the feature is not active and you are also denied access with users with a blank password. The service is listening for traffic on TCP port 3389 and all hackers know that. That is why they will be looking for firewalls that allow connection on that port using all kinds of port scanners. The best solution to avoid attacks will be to require VPN connections to access a computer behind a firewall. If that is not an option you might want to change the port that Remote Desktop is listening on.
How to change port for Remote Desktop
To change the listening port for remote desktop you will have to make a small change in Windows using the Registry editor (regedit.exe). You will need to navigate to: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\
Edit the value: PortNumber to the new number you want instead of the default 3389 (e.g. 3390)
The next time you restart your computer it will be listening on the new port and only allow connection on that specific port. If you don’t like to make changes to your computer using regedit, Microsoft have made a small Fix It application that can make the changes for you. All you have to do is to enter the new port number you want to use. To download the Fix It tool, just click on the image below.
Notice: If you are running Windows Firewall on the computer you want to connect to you will have to create a new rule allowing TCP inbound traffic on you new custom port.
How to connect to a Remote Desktop using a custom port
In order to tell your remote desktop client to connect to the new custom port you will have to add the port number after the IP address or name you are connecting to. E.g. 192.168.150.130:3390 Per default the RDP client will always try to connect using port 3389.
I hope that you found this post useful. If you have any questions or something else on your mind please leave me a comment below.