7, 3389 Security Configuration of the Terminal server:
In the second section of this article, we've covered the way to install 3389 Terminal Servers in the Windows Components Wizard, and we can use Terminal Services to remotely manage servers by checking Terminal Services in the Windows Components Wizard. I believe everyone has played 3389 of chickens, most of the network was hacked by the empty password of the chicken because the opening of 3389 Terminal remote Management services, and hackers without difficulty can get remote management rights.
Because hackers are using such as x-scan, such as vulnerability scanning software, as long as hackers scan the 3389-port machine, your terminal server will be exposed to the hacker's eyes, there is a certain danger to your server. 3389 Terminal Remote Management Service by default is open 3389 port, as long as our Terminal Services by default open port number change, then hackers can not guess whether our server open Terminal Services.
Modifying the Terminal Server port number is done by modifying the Windows2003 registry, as long as we modify one of the key values in the registry. Click "Start menu → run" in the Run enter REGEDIT command, start Registry Editor, and then open the following key values: [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\winstations\rdp-tcp\ find the following key name PortNumber, double-click to open the Modify key value, then select Decimal (D), change the original 3389 port number to the port number you want to replace, in this case we change the port to 7890, As shown in the following figure (Figure 12):
(Figure 12)
After the port number has been modified, we restart the computer to make the modified port number effective so that no one can connect to your server using port 3389, and after the reboot, if we want to connect to the Terminal Server later, open the Terminal Services client software and then on the computer (C) The right column input your server's IP address and port number can login to your terminal server, assuming our server IP address for 192.168.0.8, then we just enter the following address in the input box to login Terminal Server "192.168.0.8:7890" where the IP and port number with " : "Apart." As shown in the following figure (Figure 13):
Zebian: Bean Technology Application