How to Change RDP Port using SCCM | PowerShell | Registry
This guide covers different methods to change RDP port (Remote Desktop Port) on Windows computers such as SCCM (ConfigMgr) CMPivot, PowerShell and Windows registry.
The Remote Desktop feature on your computer listens for the connection request over a designated port 3389 when you use the Remote Desktop client to connect to a computer (either a Windows client or Windows Server). The Remote Desktop port (RDP port) 3389 on Windows is a popular target for hackers. Thus, it might make sense to change the RDP port.
After you change the RDP port, the next time you connect to this computer by using the Remote Desktop connection, you must type the new port. If you’re using a firewall, make sure to configure your firewall to permit connections to the new port number.
Please be aware that port 1-1023 should not be used when selecting a non-standard RDP port because these are known ports, but port 49152-65535 is a dynamic or private port that is not in use by any service or application. For instance, you can change RDP port from 3389 to 33091.
Why change the RDP port number?
http://forum.icohaberleri.com/showthread.php?tid=235
https://zinaramirez.com/mybb/thread-49360.html
http://www.hondaikmciledug.co.id/HRIS/showthread.php?tid=131
http://bobzhotel.altervista.org/showthread.php?tid=16088
http://www.yypf.com/showthread.php?tid=3645
http://jl.kaoyanzhi.net/forum.php?mod=viewthread&tid=103948
http://jl.kaoyanzhi.net/forum.php?mod=viewthread&tid=98344&extra=page%3D1
http://jl.kaoyanzhi.net/forum.php?mod=viewthread&tid=354707
http://jl.kaoyanzhi.net/forum.php?mod=viewthread&tid=97586
http://www.skillcoach.org/forums/topic/269037/adapting-to-legal-tech-a-law-student-s-guide
http://www.skillcoach.org/forums/topic/271532/cricut-setup-software-may-be-downloaded-here
http://www.oberoende.info/rfhlups/forum/viewtopic.php?f=4&t=11659&p=28525
http://www.oberoende.info/rfhlups/forum/viewtopic.php?f=26&t=13019
http://www.oberoende.info/rfhlups/forum/viewtopic.php?f=2&t=7582
https://www.gasdefence.ru/forum/viewtopic.php?t=105624
https://www.gasdefence.ru/forum/viewtopic.php?t=106497
https://www.gasdefence.ru/forum/viewtopic.php?t=106812
https://www.gasdefence.ru/forum/viewtopic.php?t=106390
Microsoft uses port 3389 for all external communications. A technique of automated password guessing is frequently used by hackers to connect to distant computers using the 3389 listening port. Such attacks, like the one Microsoft has just discovered, are known as brute force and password spraying attacks.
Undoubtedly, this serious security flaw puts your remote computers in danger. Many administrators decide to alter the RDP port number from 3389 to any other available port to get around this vulnerability, which makes it more challenging for hackers to figure out the listening port.
In addition to defending against hackers, administrators alter the RDP port number to get around firewalls. Some systems’ firewalls are set up to prevent both incoming and outgoing messages to and from port 3389, respectively, for security concerns. The purpose of this approach is less to block remote access and more to stop hackers from entering the system through the port. Changing RDP port helps to reduce the risk of port scanners and RDP vulnerabilities.
Check the RDP Port Number using PowerShell
On any Windows computer, you can check the RDP port number by running the below PowerShell command.
We see the RDP port number on the given computer is 3389.
Change RDP Port using Registry
You can change the listening port for Remote Desktop on your computer using Registry. Make sure you back up the registry before you make any changes.
- Launch the registry editor. (Type regedit in the Search box.)
- Navigate to the following registry subkey: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
- Find PortNumber registry key whose default value is 3389.
- Right-click the PortNumber key and select Modify. On the Edit DWORD (32-bit) Value, select Decimal and type the new port number, and then click OK. Close the registry editor, and restart your computer.
In the screenshot below, I have changed the remote desktop port from 3389 to 33091.
To confirm if the remote desktop port number is changed, run the below PowerShell command.
In the output, we see the RDP port number shows 33091 and this confirms that we have successfully changed the remote desktop port using registry.
Change RDP Port using PowerShell
One of the quickest ways to change the remote desktop port is using a PowerShell script. You can use the PowerShell script to change RDP listening port number on multiple computers.
The below PowerShell script is provided by Microsoft, that sets the remote desktop port to 3390. The script also adds the firewall rule to allow the RDP port on the computer.
To run the above PowerShell script, launch the PowerShell as administrator on your computer and run the script. You can also open Windows PowerShell ISE and paste the code and edit it before you run.
You can also deploy RDP port change PowerShell script on multiple computers using Microsoft Intune or Configuration Manager.
https://www.itray.co.kr/bbs/board.php?bo_table=free&wr_id=25481
http://theglobalfederation.org/viewtopic.php?id=1641434
http://theglobalfederation.org/viewtopic.php?id=1100007
http://theglobalfederation.org/viewtopic.php?id=1579408
https://forum.racing.by/viewtopic.php?t=205300
https://forum.racing.by/viewtopic.php?t=62658
https://forum.racing.by/viewtopic.php?t=197869
http://www.virtuosal.com/forum/viewtopic.php?id=250035
http://www.virtuosal.com/forum/viewtopic.php?id=100054
http://www.virtuosal.com/forum/viewtopic.php?id=315916
http://heroicfantasygames.free.fr/Forum/viewtopic.php?p=31121
http://heroicfantasygames.free.fr/Forum/viewtopic.php?p=28436
http://heroicfantasygames.free.fr/Forum/viewtopic.php?p=30343
http://heroicfantasygames.free.fr/Forum/viewtopic.php?p=29266
http://forum.lithotherapy.ru/viewtopic.php?t=34146
http://forum.lithotherapy.ru/viewtopic.php?f=18&t=41630
https://forum.lithotherapy.ru/viewtopic.php?f=18&t=35819
Adding firewall rules for custom RDP ports
You must modify the Windows Defender firewall to permit your new custom RDP port after changing the default RDP port to a custom port. To add the rules for unique RDP ports, use the PowerShell scripts below.
CMPivot Query to Check the RDP Port
You can quickly query registry values using CMPivot. Using a simple CMPivot query, you can check the RDP port on multiple computers in SCCM.
Comments
Post a Comment