Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)
My goal is to introduce a little security through obscurity by changing
the default port to some random number way up in the allowable range. I
already know how to change the default port on the host by editing the
registry. I know how to tell the Remote Desktop client how to find that
different port to connect to the host. I haven't tried it but I assume
from examining a saved Remote Assistance request that it would include
the changed port number. But these are not what I would like to discuss
at this time.
What I would like to discuss is the possible repercussions of changing
the default port number.
Does changing that one number in the registry change the port used for
both Remote Desktop and Remote Assistance? On a Terminal Server does it
change the TS port as well?
I have read that it affects the Remote Desktop Web Connection but that it
can be fixed by editing the ...\tsweb\default.htm file.
I know to avoid any port below 1024 because that range is reserved for
the 'well known ports'. But are there any other ranges that should be
avoided for whatever reason?
Another repercussion I can think of is that other, legitimate, support
people would have a hard time using RD or RA if they didn't know these
port numbers. All of my customers use niche market applications that
often require remote control to get it to work right. I could explain it
to my customers but they wouldn't really remember it very long and the
support person on the other end would waste a lot of time with needless
troubleshooting. Most vendor's support people these days don't really
know computers or Windows very well at all. They just work out of a
notebook that someone else wrote.
Can anyone else think of any other problems that could be introduced by
changing the default port from 3389 to something else? What are your
thoughts, pro or con?
My goal is to introduce a little security through obscurity by changing
the default port to some random number way up in the allowable range. I
already know how to change the default port on the host by editing the
registry. I know how to tell the Remote Desktop client how to find that
different port to connect to the host. I haven't tried it but I assume
from examining a saved Remote Assistance request that it would include
the changed port number. But these are not what I would like to discuss
at this time.
What I would like to discuss is the possible repercussions of changing
the default port number.
Does changing that one number in the registry change the port used for
both Remote Desktop and Remote Assistance? On a Terminal Server does it
change the TS port as well?
I have read that it affects the Remote Desktop Web Connection but that it
can be fixed by editing the ...\tsweb\default.htm file.
I know to avoid any port below 1024 because that range is reserved for
the 'well known ports'. But are there any other ranges that should be
avoided for whatever reason?
Another repercussion I can think of is that other, legitimate, support
people would have a hard time using RD or RA if they didn't know these
port numbers. All of my customers use niche market applications that
often require remote control to get it to work right. I could explain it
to my customers but they wouldn't really remember it very long and the
support person on the other end would waste a lot of time with needless
troubleshooting. Most vendor's support people these days don't really
know computers or Windows very well at all. They just work out of a
notebook that someone else wrote.
Can anyone else think of any other problems that could be introduced by
changing the default port from 3389 to something else? What are your
thoughts, pro or con?
Facebook
Twitter
Instagram