Win2012 (Win7/Win8): changing the Remote Desktop port 3389

  

The Remote Terminal Service in Windows 7/Vista/XP/2003 and other systems is a very powerful service, but it has also become a channel for intruding into the host: an intruder can use some means to obtain the administrator account and password and break into the host. Below, let's see how to guard against this by modifying the default port.

Remote Terminal Services listens on port 3389. Intruders generally scan a host's open ports first, and once they find port 3389 open they proceed to the next stage of the intrusion. Changing the default port therefore keeps the host from being picked out this way.

Steps: Open "Start → Run", enter "regedit" to open the Registry Editor, and go to the following path:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp]

Find the PortNumber value. The default is 3389; it can be changed to the desired port, for example 8080. Make sure to enter the value as decimal.


Next, open [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp]

and change the value of PortNumber (default 3389) to 8080 as well. Again, enter the value as decimal.


Many tutorials on the web stop here. Indeed, on an XP or 2003 system the client can now connect to the remote desktop through port 8080. Under Vista and Win 7, however, the client cannot connect even after both values above have been changed to 8080. The reason is that Vista and Win 7 have a strengthened built-in firewall. In the firewall's Remote Desktop rule, the default local port is 3389.


Looking at the inbound rules in the firewall policy: unless a rule's port has been manually changed to 8080, no rule has 8080 as its local port. In other words, if no inbound rule allows port 8080, the firewall refuses access to port 8080 by default, which is why the client cannot connect to the remote desktop.


The Remote Desktop rule among the inbound rules cannot be edited by default, so the firewall policy can only be changed through the registry. Open

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Defaults\FirewallPolicy\FirewallRules]

and, in the data of the RemoteDesktop-In-TCP value, change 3389 to 8080, then save.

Then open

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

and, in the data of the RemoteDesktop-In-TCP value, change 3389 to 8080 as well, then save.

The changes take effect after the computer is restarted; from then on, use port 8080 when logging in remotely.
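The four registry edits described above, collected into one PowerShell script as an added example (it is not part of the original article). It assumes an elevated PowerShell prompt and the page's example port 8080; the parameter names NewPort and OldPort are illustrative.

```powershell
# Added example: applies the page's registry edits in one pass. Run elevated.
param([int]$NewPort = 8080, [int]$OldPort = 3389)   # 8080 is the page's example port

$ts = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$fw = 'HKLM:\SYSTEM\CurrentControlSet\services\SharedAccess'

# The two PortNumber locations named on the page.
$portKeys = "$ts\Wds\rdpwd\Tds\tcp", "$ts\WinStations\RDP-Tcp"
# The two firewall rule stores named on the page.
$ruleKeys = "$fw\Defaults\FirewallPolicy\FirewallRules",
            "$fw\Parameters\FirewallPolicy\FirewallRules"
$ruleName = 'RemoteDesktop-In-TCP'

foreach ($key in $portKeys) {
    # An [int] written as DWord stores the number itself, so 8080 means decimal 8080.
    Set-ItemProperty -Path $key -Name PortNumber -Value $NewPort -Type DWord
}

foreach ($key in $ruleKeys) {
    $rule = (Get-ItemProperty -Path $key -Name $ruleName -ErrorAction SilentlyContinue).$ruleName
    if (-not $rule) {
        Write-Warning "$ruleName not found under $key; the firewall will still block $NewPort"
        continue
    }
    # Swap only the standalone port number inside the rule string.
    Set-ItemProperty -Path $key -Name $ruleName -Value ($rule -replace "\b$OldPort\b", "$NewPort")
}

# Read everything back so a missed edit is visible before the restart.
foreach ($key in $portKeys) {
    '{0} -> PortNumber = {1}' -f $key, (Get-ItemProperty -Path $key -Name PortNumber).PortNumber
}
foreach ($key in $ruleKeys) {
    $rule = (Get-ItemProperty -Path $key -Name $ruleName -ErrorAction SilentlyContinue).$ruleName
    '{0} -> rule mentions {1}: {2}' -f $key, $NewPort, ($rule -match "\b$NewPort\b")
}
```

If the read-back shows a PortNumber changed but a firewall rule still on the old port, the host will refuse remote connections after the restart, so keep console access available until a connection on the new port has been confirmed.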

To connect, enter the address as IP:port, for example 192.168.100.100:8080.


If you want to connect to the remote desktop over the Internet, you also need to set up port mapping on the router.



However, there is still one problem to solve: to use Remote Desktop over the Internet, you must know the public IP address of the remote router. The port mapping above is only useful once the public IP address is known. Fortunately, most router manufacturers now build dynamic DNS support into the router. You can apply for a free domain name at Peanut Shell (www.oray.net) and bind that fixed domain name to the dynamic public IP address obtained by the router. The public IP address of the remote router can then be found by pinging the domain name, and the Remote Desktop connection over the Internet finally succeeds.



[Figure: Remote Desktop connection via Internet domain name]



