Tip

Securing Remote Desktop

Nick Diel (ndiel@ua.colostate.edu)

With all the emphasis on security for Remote Desktop for Windows XP and Server 2003, here's an easy way to secure Remote Desktop.

Remote Desktop normally runs on port 3389. This is the port the Remote Desktop client connects to on default and this is the port hackers scan to find open Remote Desktop connections. By changing this port number you essentially hide your Remote Desktop connection from hackers who scan port 3389 and no one will be able to connect your computer through Remote Desktop unless they know the port it runs on.

To change the port number Remote Desktop uses you must edit a registry key. The registry key you must edit is located at:
HKEY_LOCAL_MACHINESYSTEM/CurrentControlSet/Control/Terminal ServerWinStationsRDP-Tcp

This key is stored in a hex value so you must use a decimal to hex conversion tool such as the built in windows calculator (choose your desired port number and convert it to hex before you update the key).

You may need to reboot your computer for the change to take affect and also don't forget to update your firewall if you have one with the new port number.

To connect to your computer through Remote Desktop with an alternate port, enter the IP address or DNS name as you did before with one small modification, add :port number (i.e. if the port is set to 8989: instead of using 192.168.1.1 use 192.168.1.1:8989).


Fast guide: Remote control software

  Introduction
  Tip 1: VNC variant provides remote control boost
  Tip 2: A Remote Desktop alternative sheds its drawbacks
  Tip 3: Remote control freeware boosts cross-platform system administration
  Tip 4: Securing Remote Desktop

This guide originally appeared on SearchWinSystems.com

This was first published in April 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.