RE: [fw-wiz] Using RDP Port 3389

From: Melson, Paul (PMelson_at_sequoianet.com)
Date: 04/27/04

  • Next message: Gwendolynn ferch Elydyr: "Security through Obscurity [was RE: [fw-wiz] Using RDP Port 3389]" 
    To: "Justin C. Laporte" <jlaporte@apextechgroup.com>, <woodse@vra.net>, <firewall-wizards@honor.icsalabs.com>
Date: Tue, 27 Apr 2004 10:40:01 -0400

    This seems to be a popular tactic among people using Terminal Services
    across the Internet. Just be aware that changing the port number
    doesn't prevent (and probably won't deter) an attacker from locating it.
    It's still easily identifiable via conventional means...

    $ nmap -P0 -sT -sV -p4489 aaa.bbb.ccc.ddd
    Starting nmap 3.48 ( http://www.insecure.org/nmap/ ) at 2004-04-27 10:35
    EDT
    Interesting ports on nunna.yerbeez.wax (aaa.bbb.ccc.ddd):
    PORT STATE SERVICE VERSION
    4489/tcp open unknown Microsoft Terminal Service (Windows 2000
    Server)

    Also, if you're using the Win2K TS client, it's a pain to use a port
    number other than 3389.

    PaulM

    > -----Original Message-----
    > I almost always change the hex value in the registry to
    > change the listening port
    >
    > http://support.microsoft.com/default.aspx?scid=kb;en-us;187623
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  • Next message: Gwendolynn ferch Elydyr: "Security through Obscurity [was RE: [fw-wiz] Using RDP Port 3389]"

    Relevant Pages

    • Redirected Com Port not Responding with CE .NET RDP client
      ... I am having problem with Serial Port Redirection in Terminal Services on a ... Windows CE client device. ... It opens the COM port ok on the CE device (it would display an error ... The terminal services client on the CE device is configured to ...
      (microsoft.public.windows.terminal_services)
    • Re: hacker,virus,spyware? what is it?
      ... protocol and the other port number is.. ... received communication from a client of some sort. ... If this is on your network, another thing to do is to try to track down ... > broadcasting to the same three or four internet ...
      (microsoft.public.security)
    • Re: Very Newbie Question
      ... I entered telnet smtp.gmail.com 465 (this is the port on the gmail Webiste ... Outlook and Exchange but something I find very starnge happens on my ... I have set up an internal exchange system whereby the client has only ... Although the client does have internet access ...
      (microsoft.public.exchange.admin)
    • RE: TSAC (Terminal Services Advanced [?] Client)
      ... TSAC (Terminal Services Advanced Client) ... You can change the port for regular 'ole TS, but you can't change the port ...
      (Focus-Microsoft)
    • Re: Connectting to a computer when there is more than one behind a rou
      ... remote to a computer through the Internet. ... The host is a client on a business ... IP address and there is more than one computer behind the router on the ... Either by using a different port on both, ...
      (microsoft.public.windowsxp.work_remotely)