The Remote Terminal Service in Windows 2000 and 2003 systems is a very powerful service. It also becomes a channel for intruders to stay on the host. Intruders can use some means to obtain the Administrator account and password and intrude into the host. Next, let's take a look at how to prevent hacker intrusion by modifying the default port.
As we all know, the remote terminal service is based on port 3389. Intruders usually scan the host to open the port first. Once they find that port 3389 is open, the next intrusion will be performed. Therefore, we only need to modify the default port to avoid the eyes and ears of most intruders.
Step: Open "Start> Run", enter "regedit", open the registry, and go to the following path: [HKEY_LOCAL_MACHINESystemCurrentControlSetControlTerminal ServerWdsRepwdTdsTcp]. Have you seen the PortNamber value? The default value is 3389, which can be changed to the desired port, for example, 2010.
Open [HKEY_LOCAL_MACHINESYSTEMCurrentContro1SetControlTenninalServerWinStationsRDP-Tcp,
Change the PortNumber value (3389 by default) to port 2010.