1 Open Remote Desktop Services
1.1 The test environment for this article is Windows 10 Professional 22H2. Changing the RDP (Remote Desktop Services) port works much the same way on other operating systems.
1.2 Right-click Start—Settings—Search Remote Desktop—Open Remote Desktop.
1.3 Click the advanced settings shown in the picture. There is a Microsoft tutorial that explains how to change the remote desktop port; the link is below.
https://learn.microsoft.com/zh-CN/windows-server/remote/remote-desktop-services/clients/change-listening-port
1.4 Right-click Start—Windows PowerShell (Administrator), type the following command to view the port of the remote desktop.
Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "PortNumber"
2 Modify the port of the remote desktop
2.1 Copy and paste the following commands into Windows PowerShell. The new remote desktop port takes effect after the computer is restarted.
$portvalue = 23389
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "PortNumber" -Value $portvalue
New-NetFirewallRule -DisplayName 'RDPPORTLatest-TCP-In' -Profile 'Public' -Direction Inbound -Action Allow -Protocol TCP -LocalPort $portvalue
New-NetFirewallRule -DisplayName 'RDPPORTLatest-UDP-In' -Profile 'Public' -Direction Inbound -Action Allow -Protocol UDP -LocalPort $portvalue
2.2 Paste the commands together in one go; you can then see that the corresponding settings have been changed.
Press Win+R and enter regedit to open the Registry Editor. Paste the following path into the address bar at the top to jump straight to the registry subkey, where you can see that "PortNumber" has been modified.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
The inbound firewall rules have also been created. (Control Panel\System and Security\Windows Defender Firewall\Advanced Settings)
2.3 However, netstat shows that the port the remote desktop service is actually listening on has not changed yet. The computer still needs to be restarted.
PS C:\Windows\system32> tasklist /svc | findstr "TermService"
svchost.exe 4920 TermService
PS C:\Windows\system32> netstat -ano | findstr "4920"
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING 4920
TCP [::]:3389 [::]:0 LISTENING 4920
UDP 0.0.0.0:3389 *:* 4920
UDP [::]:3389 *:* 4920
2.4 After restarting the computer, the listening port of the remote desktop service has been changed successfully.
C:\Users\zhang>tasklist /svc | findstr "TermService"
svchost.exe 1064 TermService
C:\Users\zhang>netstat -ano | findstr "1064"
TCP 0.0.0.0:23389 0.0.0.0:0 LISTENING 1064
TCP [::]:23389 [::]:0 LISTENING 1064
UDP 0.0.0.0:23389 *:* 1064
UDP [::]:23389 *:* 1064
2.5 After modifying the port, log in remotely to the Windows 10 test machine.
2.6 If it still doesn't work, also modify the "PortNumber" value under the following registry key; it is convenient to edit the value in decimal.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp
2.7 From personal experience, modifying the default port of the remote desktop not only meets the security compliance requirements of relevant laws and regulations, but also reduces the occurrence of some low-level security incidents. It is recommended to modify the default port of the remote desktop.
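The checks from steps 1.4, 2.2 and 2.3 combined into one script, as an added example that is not part of the original article: it compares the configured PortNumber with the ports TermService is actually listening on, and lists the enabled inbound allow rules for the new port and for the default 3389. The function name Test-RdpPortChange is hypothetical; run it in an elevated Windows PowerShell session.

```powershell
# Added example (not from the original article). Function name is hypothetical.
function Test-RdpPortChange {
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
    $configured = (Get-ItemProperty -Path $key -Name 'PortNumber').PortNumber

    # PID of the svchost.exe instance hosting TermService (what tasklist /svc shows)
    $svcPid = (Get-CimInstance Win32_Service -Filter "Name='TermService'").ProcessId
    if (-not $svcPid) { throw 'TermService is not running.' }  # ProcessId is 0 when stopped

    # Ports the service is bound to right now (what netstat -ano shows for that PID)
    $tcp = @(Get-NetTCPConnection -State Listen -OwningProcess $svcPid -ErrorAction SilentlyContinue |
        Select-Object -ExpandProperty LocalPort -Unique)
    $udp = @(Get-NetUDPEndpoint -OwningProcess $svcPid -ErrorAction SilentlyContinue |
        Select-Object -ExpandProperty LocalPort -Unique)

    # Enabled inbound allow rules whose local port is the new port or the old default 3389
    $rules = Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow |
        ForEach-Object {
            $pf  = $_ | Get-NetFirewallPortFilter
            $hit = @($pf.LocalPort) | Where-Object { $_ -in @("$configured", '3389') }
            if ($hit) {
                [pscustomobject]@{
                    Rule = $_.DisplayName; Profile = $_.Profile
                    Protocol = $pf.Protocol; LocalPort = ($hit -join ',')
                }
            }
        }

    [pscustomobject]@{
        ConfiguredPort        = $configured
        TcpListening          = $tcp
        UdpListening          = $udp
        ListenerMatchesConfig = ($configured -in $tcp)  # False until the restart in step 2.4
        FirewallRules         = $rules
    }
}

$result = Test-RdpPortChange
$result | Format-List ConfiguredPort, TcpListening, UdpListening, ListenerMatchesConfig
$result.FirewallRules | Format-Table -AutoSize
```

ListenerMatchesConfig is False between the registry change and the restart, which is the state shown in step 2.3. Any rules listed for port 3389 are ones that existed before the change, since the commands in step 2.1 only add rules for the new port.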