Terminal services used port 3389 by default. It is well known port TS uses so there can be a chance that it can be a target for attack by network intruders.
Even though network attackers can find the port that is in use, changing TS port from 3389 can make it more difficult to attack a TS server.
TS port can be changed from the registry
Value: Port Number
Data: 3389 in decimal or d3d in hex
We can use any ephemeral port ranging from 1024-4999 by default. After making the registry changes restart the terminal services
To check the port on which terminal server is listening run nestat –aon from command prompt.
++ Remote Desktop Client
Launch mstsc.exe. In the computer field specify the <TS name>:<port number> e.g. If server name is termserver1 and port is 3900 then we need to put termserver1:3900
++Remote Desktop We Connection
Make connection to web server which host the remote desktop web connection using http://<server name>/ts
Click on the Remote Desktop icon. In Connect to: field specify the <TS name>:<port number>
To configure Remote Applications, accessible through TS Web Access or a custom .rdp file, to use custom Terminal Server port, you must configure custom RDP Settings in TS Remote App Manager MMC snap-in.
RemoteApp Deployment Settings à Terminal Server à RDP Port
Specify the custom port in RDP port field.
In our environment , we have been doing this on all of our servers. I followed these steps on Server 2008 and it seem to doesn't work... even after a reboot.
After making the changes which port terminal server is listening??
Is it still showing 3389 in nestat –aon output?
I would appreciate if you could provide more details :)
I forgot to create a new exception for the changed RDP port.
after finish this config. restart the computer
it is working with me.
This is correct & works. Thanks Buddy!!!