You can increase the security of your server by changing the default RDP (Remote Desktop Protocol) port in Windows. Using the default port 3389 can make it easier for attackers to discover your server and can make it a target for unauthorized access attempts. In this article, we will look at how to change the default RDP port to a more secure one.
Step 1: Check the current RDP port
Before changing the port, make sure you have access to the server via RDP and that the current port is 3389. Open the command prompt and run the following command:
```
netstat -an | find "3389"
```
If the result shows that port 3389 is in use, it means that RDP is using the standard port.
Step 2: Open the Registry Editor
- Press `Win + R` to open the "Run" dialog.
- Type `regedit` and press Enter.
Step 3: Find the registry key for RDP
- Navigate to the following path in the registry: `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp`
- Find the `PortNumber` parameter on the right. This parameter contains the current RDP port. Remember or write it down.
Step 4: Change the RDP port
- Right-click on the `PortNumber` parameter and select "Modify".
- Change the value to the new port (e.g., 5000 or 6000). Ensure "Decimal" is selected as the base.
Step 5: Restart the RDP service
- Press `Win + R`.
- Type `services.msc` and press Enter.
- Find the "Remote Desktop Services" service and restart it.
Step 6: Check the new port
Now you can try connecting to the server using the new port. For example:
```
mstsc.exe /v:your_server_ip:new_port
```
Replace `your_server_ip` with your server's actual IP address, and `new_port` with the port you chose.
Important notes:
- Ensure the port you choose is not used by other services and is not blocked by the firewall.
- Remember the new port, as you will use it to connect to the server.
Follow these steps carefully, and always back up the registry before making changes. Changing the RDP port can improve server security but requires attention.
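The same procedure as a PowerShell script, including the registry backup, the port-in-use and firewall checks from the notes, and a rollback if the new listener does not come up. This is an added example, not part of the original article; the default port `5000`, the backup path and the firewall rule name are placeholder values, and it assumes an elevated session on Windows 8 / Server 2012 or later, where `Get-NetTCPConnection` and `New-NetFirewallRule` are available.

```powershell
#Requires -RunAsAdministrator
# Added example: Steps 1-6 scripted. Default values below are placeholders.
param(
    [ValidateRange(1024, 65535)][int]$NewPort = 5000,
    [string]$BackupFile = "$env:TEMP\RDP-Tcp-backup.reg"   # assumed backup location
)
$ErrorActionPreference = 'Stop'
$SubKey  = 'SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
$KeyPath = "HKLM:\$SubKey"

# Step 1: read the port RDP is configured to use right now.
$OldPort = (Get-ItemProperty -Path $KeyPath -Name PortNumber).PortNumber
if ($OldPort -eq $NewPort) { Write-Host "RDP already uses port $NewPort."; return }

# Important note: the new port must not be used by another service.
$busy = Get-NetTCPConnection -LocalPort $NewPort -State Listen -ErrorAction SilentlyContinue
if ($busy) { throw "Port $NewPort is already in use (PID $(($busy | Select-Object -First 1).OwningProcess))." }

# Back up the key before touching it; stop if the export fails.
& reg.exe export "HKLM\$SubKey" $BackupFile /y | Out-Null
if ($LASTEXITCODE -ne 0) { throw "Registry backup failed; nothing was changed." }

# Important note: the new port must not be blocked by the firewall.
$RuleName = "RDP custom port $NewPort (TCP)"   # hypothetical rule name
if (-not (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $RuleName -Direction Inbound -Protocol TCP `
        -LocalPort $NewPort -Action Allow | Out-Null
}

# Steps 3-4: write the new port as a DWORD (the GUI's "Decimal" value).
Set-ItemProperty -Path $KeyPath -Name PortNumber -Value $NewPort -Type DWord

# Step 5: restart Remote Desktop Services (service name TermService).
# This drops active RDP sessions, so run it from a console session.
Restart-Service -Name TermService -Force
Start-Sleep -Seconds 5

# Step 6: confirm the listener moved; roll back if it did not.
if (Get-NetTCPConnection -LocalPort $NewPort -State Listen -ErrorAction SilentlyContinue) {
    Write-Host "RDP moved from port $OldPort to $NewPort. Backup: $BackupFile"
} else {
    Set-ItemProperty -Path $KeyPath -Name PortNumber -Value $OldPort -Type DWord
    Restart-Service -Name TermService -Force
    throw "No listener on port $NewPort; restored port $OldPort."
}
```

Once the new port is confirmed reachable, the inbound rule for the old port can be disabled so that only the chosen port is exposed.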