Important Notice! Change your default RDP port in Windows.

One of the most important tasks for any Windows admin after installing Remote Desktop Services, or simply enabling Remote Desktop, is to change the default port to a new one. A high port number such as 17000 is a good guideline. Remote Desktop is targeted nowadays by many hacking tools that exploit and encrypt systems.

The best and easiest way to replace the default port is through the Registry. Please be careful when altering the Registry, because a mistake may make your system unstable or, in the worst case, unusable.

The easiest way is to open an admin PowerShell session and use the commands provided here. Replace the port with the one you prefer. Keep in mind that some ports are already in use, so 17000, for example, can be a good port to use. In the example below, port 17000 replaces the default 3389.

# Set the RDP listener port in the Registry
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -Name 'PortNumber' -Value 17000

# Allow inbound TCP connections to the new port through Windows Firewall
New-NetFirewallRule -DisplayName 'RDPPORTLatest' -Profile 'Public' -Direction Inbound -Action Allow -Protocol TCP -LocalPort 17000
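
As an added example (not part of the original post), the script below wraps the two commands above with the checks an admin would want: it refuses a port that is already in use, restarts the Remote Desktop service so the new port takes effect, and rolls back if the listener does not come up. The parameter names and the rule name 'RDP-Custom-Port' are assumptions made for this example.

```powershell
#Requires -RunAsAdministrator
# Added example: change the RDP listening port with safety checks.
# $NewPort, $FirewallProfile and the rule name are assumptions; adjust them to your environment.
param(
    [ValidateRange(1024, 65535)][int]$NewPort = 17000,
    [string]$FirewallProfile = 'Public'   # same profile as the rule shown in the post
)

$rdpKey   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
$ruleName = 'RDP-Custom-Port'             # hypothetical display name

# Record the current port so the change can be reverted.
$oldPort = (Get-ItemProperty -Path $rdpKey -Name 'PortNumber').PortNumber
if ($oldPort -eq $NewPort) { Write-Host "RDP already uses port $NewPort."; return }

# Refuse a port that another process is already listening on.
$inUse = Get-NetTCPConnection -LocalPort $NewPort -State Listen -ErrorAction SilentlyContinue
if ($inUse) { throw "Port $NewPort is already in use by PID $($inUse[0].OwningProcess)." }

# Open the firewall first, so the new port is reachable as soon as the listener moves.
if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $ruleName -Profile $FirewallProfile -Direction Inbound `
        -Action Allow -Protocol TCP -LocalPort $NewPort | Out-Null
}

# Write the new port as a DWORD value.
Set-ItemProperty -Path $rdpKey -Name 'PortNumber' -Value $NewPort -Type DWord

# The listener picks up the new port only after the service restarts (or after a reboot).
# Restarting TermService drops active RDP sessions, so run this from the local console.
Restart-Service -Name TermService -Force
Start-Sleep -Seconds 3

# Verify that the listener moved; otherwise restore the previous port.
$listening = Get-NetTCPConnection -LocalPort $NewPort -State Listen -ErrorAction SilentlyContinue
if ($listening) {
    Write-Host "RDP moved from port $oldPort to $NewPort. Connect with <host>:$NewPort."
} else {
    Write-Warning "No listener on port $NewPort. Restoring port $oldPort."
    Set-ItemProperty -Path $rdpKey -Name 'PortNumber' -Value $oldPort -Type DWord
    Restart-Service -Name TermService -Force
}
```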

Thank you, and I hope you found this post useful.