Change RDP port via command line?

Remote Desktop Protocol (RDP) allows secure access to remote systems. Changing the RDP port can enhance security by reducing exposure to potential cyber threats. This guide explains how to change the RDP port using the command line effectively.

Why Change the Default RDP Port?

The default RDP port (3389) is a routine target for malicious actors. Moving the listener off this port reduces exposure to brute-force and port-scanning attacks that look only at 3389, adding one more layer of defence.

Changing the default Remote Desktop Protocol (RDP) port can enhance your system’s security and reduce the risk of unauthorized access. By default, RDP operates on port 3389, which is widely known and often targeted by attackers using automated scanning tools to exploit vulnerabilities. Altering this default port makes it harder for malicious actors to find and attack your system.

Additionally, changing the RDP port can help mitigate brute force attacks and reduce the likelihood of Distributed Denial of Service (DDoS) attacks aimed at the default port. It can also make system logs more manageable by minimizing unnecessary connection attempts.

However, it’s important to note that this is not a foolproof security measure. It should be part of a broader strategy that includes using strong passwords, enabling firewalls, implementing multi-factor authentication (MFA), and keeping your system updated with the latest security patches.

Steps to Change the RDP Port via Command Line

Step 1: Open the Command Prompt as Administrator

  • Press Win + S and type cmd.
  • Right-click on Command Prompt and select Run as administrator.

Step 2: Access the Windows Registry

To change the RDP port, you must modify the registry settings. Use the following command to open the registry editor via the command line:

regedit

Step 3: Navigate to the RDP Registry Key

Once the registry editor opens, navigate to the following path:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

Alternatively, you can use the reg command directly to list the key's values, including the current PortNumber:

reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"

Step 4: Modify the Port Number

To change the port, execute the following command:

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v PortNumber /t REG_DWORD /d <new_port_number> /f

Replace <new_port_number> with your desired port number. For example:

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v PortNumber /t REG_DWORD /d 5000 /f

Step 5: Update the Firewall Settings

Ensure the new RDP port is allowed through the firewall. Use the following commands:

  1. To add the new port to the firewall exception list:
    netsh advfirewall firewall add rule name="RDP New Port" dir=in action=allow protocol=TCP localport=<new_port_number>
  2. Replace <new_port_number> with the port chosen in Step 4.

Step 6: Restart the System

To apply the changes, restart your computer. Use the command:

shutdown /r /t 0

Test the New RDP Port

After restarting, connect using the updated port:

mstsc /v:your_ip_address:<new_port_number>

Replace your_ip_address with the system’s IP and <new_port_number> with the port you configured.
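The following PowerShell script is an added example, not part of the original article: it carries out Steps 2 to 6 and the connection test in one pass, using the PowerShell cmdlets (Get-ItemProperty, Set-ItemProperty, New-NetFirewallRule, Get-NetTCPConnection, Restart-Service) in place of regedit, reg, netsh and a full reboot. It adds the checks an administrator would want before moving the listener: recording the old port for rollback, refusing a port that already has a listener, opening the firewall before the listener moves, and verifying the new listener afterwards. The rule name "RDP New Port" is taken from the article; the Domain,Private profile restriction is an assumption that is narrower than the article's netsh rule.

```powershell
# Added example: move the RDP listener to a new TCP port with pre-checks and rollback.
# Run from an elevated PowerShell prompt on the console or a non-RDP session: restarting
# TermService drops any active RDP connections, including the one running this script.
param(
    [Parameter(Mandatory = $true)][ValidateRange(1025, 65534)][int]$NewPort,
    [string]$RuleName = "RDP New Port"   # same display name as the article's netsh rule
)

$key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

# 1. Record the current listener port so the change can be reverted if verification fails.
$oldPort = (Get-ItemProperty -Path $key -Name PortNumber).PortNumber
Write-Host "Current RDP port: $oldPort"

# 2. Refuse a port that already has a listener; a silent conflict would leave RDP unreachable.
if (Get-NetTCPConnection -State Listen -LocalPort $NewPort -ErrorAction SilentlyContinue) {
    throw "TCP port $NewPort already has a listener; choose another port."
}

# 3. Open the firewall for the new port BEFORE the listener moves, so there is no window in
#    which the service listens on a port the firewall blocks. Profile restriction is an
#    assumption (the article's netsh rule applies to all profiles).
if (-not (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $RuleName -Direction Inbound -Action Allow `
        -Protocol TCP -LocalPort $NewPort -Profile Domain,Private | Out-Null
}

# 4. Write the new port: the same REG_DWORD value the article sets with 'reg add'.
Set-ItemProperty -Path $key -Name PortNumber -Type DWord -Value $NewPort

# 5. Restart Remote Desktop Services. The article reboots instead; either applies the change.
Restart-Service -Name TermService -Force
Start-Sleep -Seconds 3

# 6. Verify the listener actually moved; roll back to the old port if it did not.
if (Get-NetTCPConnection -State Listen -LocalPort $NewPort -ErrorAction SilentlyContinue) {
    Write-Host "RDP is listening on TCP $NewPort. Test from a client with:"
    Write-Host "  Test-NetConnection -ComputerName <host> -Port $NewPort"
    Write-Host "  mstsc /v:<host>:$NewPort"
} else {
    Write-Warning "No listener on TCP $NewPort; reverting PortNumber to $oldPort."
    Set-ItemProperty -Path $key -Name PortNumber -Type DWord -Value $oldPort
    Restart-Service -Name TermService -Force
}
```

Once the new port is confirmed, remove or disable the original firewall rule for TCP 3389 so the old port is not left open.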

Tips for Choosing a Secure Port

When selecting a secure COM port, it’s essential to consider factors that reduce the risk of conflicts, unauthorized access, and potential security breaches. The first step is to avoid using commonly used or default port numbers, as these are often targeted by attackers. For example, COM1 and COM2 are traditional default ports, and using these might expose your device to unwanted interactions or conflicts.

It’s also crucial to ensure the chosen COM port is not already in use by another device. This helps prevent issues related to port conflicts, where multiple devices are trying to communicate over the same port, which can cause malfunctions. To verify this, you can check the current port usage in Device Manager or using system monitoring tools.

Another consideration is the operating system’s ability to lock down specific ports. In some cases, it’s advisable to choose higher-numbered COM ports (such as COM15 or COM20) rather than low-numbered ones, as they tend to be less commonly used and less vulnerable to conflicts or unauthorized access.

Lastly, ensure that any devices connected to the selected COM port are configured with proper authentication and encryption protocols to prevent external access to the data transmitted through that port. Security measures such as firewall rules or VPNs may also be used to further protect communication on that port. For example:

  • Avoid common ports like 80, 443, or 8080.
  • Select a port number above 1024 and below 65535 for better security.

Conclusion

Changing the RDP port via the command line is a straightforward process that bolsters system security. Regularly monitor and update your system settings to minimize risks. For enhanced safety, consider additional measures like enabling Network Level Authentication (NLA) and strong password policies.
