With all the emphasis on security for Remote Desktop for Windows XP and Windows Server 2003, here's an easy way to secure Remote Desktop.
Remote Desktop normally runs on port 3389. This is the port the Remote Desktop client connects to on default and this is the port hackers scan to find open Remote Desktop connections. By changing this port number, you essentially hide your Remote Desktop connection from hackers who scan port 3389. Then no one will be able to connect your computer through Remote Desktop unless they know the port it runs on.
To change the port number that Remote Desktop uses, you must edit a registry key. The registry
key you must edit is located at:
This key is stored in a hex value so you must use a decimal to hex conversion tool such as the built in windows calculator (choose your desired port number and convert it to hex before you update the key).
You may need to reboot your computer for the change to take affect and also don't forget to update your firewall if you have one with the new port number.
To connect to your computer through Remote Desktop with an alternate port, enter the IP address or DNS name as you did before with one small modification, add :port number (i.e. if the port is set to 8989: instead of using 192.168.1.1 use 192.168.1.1:8989).
Fast guide: Remote control software
- Tip 1: VNC variant provides remote control boost
- Tip 2: A Remote Desktop alternative sheds its drawbacks
- Tip 3: Remote control freeware boosts cross-platform system administration
- Tip 4: Securing Remote Desktop
This was first published in April 2006