Remote Desktop Services will power by Remote Desktop Protocol (RDP) on Windows VPS and other Windows updates. If your system has Remote Desktop enabled, it awaits connections on port 3389 that hosts RDP connections. However, the issue is this:
Since this port allows access to different accounts _and is pretty vulnerable as well_ it has become a victim for beginner-hackers looking for an easy target. This article will describe how to change the Remote Desktop port in Windows VPS. We also will tell you how to explore the applications of Remote Desktop Services.
What is Remote Desktop?
A remote desktop is a Microsoft program that allows a user to connect to a computer in another location, see that computer’s desktop and interact with it as if it were there. For example, you can use all of your work computer’s programs, files, and network resources from your home computer, and it’s just like you’re sitting in front of your computer at work. By using a remote desktop, you can access your work files from home.
How do I connect to a remote computer?
To connect to a remote computer, you need the following steps:
- The remote computer must be turned on.
- It must have a network connection.
- Remote Desktop must be enabled.
- You must have network access to the remote computer (this could be through the Internet).
- And you must have permission to connect by being on the list of users.
Rule of thumb; use a strong password!
Basically, on a system that does not have an account lockout policy in place, the RDP protocol can be used to get the administrator password by use of a brute force attack. Since the RDP can allow access to other accounts, a threat to it can cause serious security hazards. Worse of all, if the system never locks out the account, then time is the only thing stopping the hacker from eventually guessing your password and logging in.
Account lockout policy is an option…
One possible approach is to implement a good account lockout policy but this alone does not handle the entire issue. Any administrator of a public-facing Windows web server will notice that their server is continuously attacked by bots looking for an easy target. The bots will often lock out your accounts which can be frustrating.
Best solution; change the listening port:
To protect your system from bots and petty-hackers we would recommend changing the default RDP port. This will go a long way in securing your account against bots and hackers.
How to change Remote Desktop port in Windows VPS:
To change remote desktop port in Windows VPS, do the following steps:
1- Click on the Start/run button, type registry editor /(Regedit)
2- In Registry Editor, navigate to
HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Control > Terminal Server > WinStations > RDP-Tcp.
3- Right-click, press New, and select DWORD (32-bit) value. Click on the New value #1
4- On the small window that pops up, rename new value #1 to PortNumber, Change the base to Decimal, enter a new port between 1025 and 65535 that is not already in use.
5- Click OK and reboot to change Remote Desktop port in Windows VPS.
- Make sure you have successfully rebooted to activate the change.
Be aware that altering the Windows registry is risky. We recommend that this task will take under the supervision of an experienced administrator.
- Make sure that you have taken necessary backups before you make any changes to the registry.
Keep in mind that the next time you want to connect to your system with RDP, you will need to provide the port number you entered. You can do that from the Remote Desktop client by appending a colon after the hostname or IP address followed by the port number.
For example, if I have a computer with the hostname of “test” with RDP running on port 1234, I would use: “test:1234” in the remote desktop client hostname field.