Win2008 R2 Web Server Security Settings Guide: Changing Port 3389 and Updating Patches

Source: Internet
Author: User
Tags aliyun

Port 3389 is the Remote Desktop port in Windows. It lets you manage a remote computer just as you would a local one, but it is also easily exploited by hackers, so I change this port immediately after the system is installed.

With the popularity of cloud hosts and Microsoft's vigorous updates, more and more people are using Windows Server 2008 R2 as a Web server, and its strong performance and ease of operation have been widely praised. Even the business of selling Win2008 virtual hosts has picked up. So today I will talk about how I set up Win2008 server security; I hope my humble notes can help everyone stay away from becoming a "broiler" (a compromised host) ...

You need a server running Windows Server 2008 R2, otherwise all of this is just talk on paper. I recommend Sky Wing Cloud, Aliyun or Tencent Cloud; you can first read the comparison of domestic cloud hosts (Sky Wing Cloud / Aliyun / Tencent Cloud) for a simple overview. I am currently using a Sky Wing Cloud host. If you don't want to buy a machine for the time being, install a virtual machine locally and practice on it first.

Now you have the host, and you have its IP, user name and password. Open Remote Desktop Connection in Win7 or Win8.

Enter the host IP address in the Computer field, click Connect, and go to the next page.

What I show here is the system user directly; if your user is not the administrator, click the other-account option below to use a different one. My computer runs Win8.1, so the password can be entered directly here; if your system is WinXP, the password is entered at the system login screen. Enter the password and confirm. If you are on your own personal computer, you can check "Remember my credentials" below to make the next login easier; on a public computer, ticking it is not recommended. For safety, do not make remote connections from computers in public places such as Internet cafés and coffee shops.

Show Common desktop icons

After you confirm, you will see the classic Windows Server 2008 R2 desktop. There is only a Recycle Bin icon on it, which is certainly concise, but without the basic icons it feels unfamiliar to people used to Windows. So let's first bring back some of the traditional desktop icons. Although Win2008 R2 and Win7 share the same kernel, a desktop and a server are different environments, so the desktop right-click menu in Win2008 R2 is very simple and lacks Win7's Personalize option. We therefore need another way to display the desktop icons.

Click the Start button and enter "Ico" in the search box.

Find "Show or hide common icons on the desktop" in the results and click it.


I have selected all the icons here, you can choose according to your personal habits.

Modify Remote Desktop Connection port

Next, don't rush to install software. The first key to security is changing the default remote connection port, 3389. Press Win+R, enter regedit to open the Registry Editor, and go to [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp]. Find PortNumber on the right and double-click it. The default value is displayed as hexadecimal d3d; select Decimal and it becomes 3389. This is the remote connection port, and changing it changes the port used for remote connections. For example, change it to 8579 and click OK to save.

Then go to [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp], change the value of PortNumber there to 8579 as well, then save and close the Registry Editor.


After these two steps the remote connection port has been changed in the registry, but do not restart the server yet, or you will lock yourself out: the firewall does not yet allow the new port.

Next, open the Windows Firewall that comes with the system, go to Advanced settings, open "Inbound Rules" and click "New Rule". For the rule type, select "Port".

Next, select "TCP" and, for the specific port, enter the port you set in the registry; mine is 8579.

Next, for what to do when a connection matches the specified conditions, select Allow the connection.

Next, for the scope, generally select all.

Next, give the rule a name that is easy to remember and a short description. Click Finish to save the settings, and the rule takes effect.

The new rule is now set up. Check that the settings from each previous step are correct, then reboot the server.

Reopen Remote Desktop Connection and append the new port number after the IP address.

As long as the previous settings are correct, you should be able to connect to the server properly.

After you log on to the server, disable or remove the remote connection rule that comes with the system, because it no longer serves any purpose. Locate Remote Desktop (TCP-In), right-click it and select Disable.

The final step further improves the security of Remote Desktop Connection: select "Allow connections only from computers running Remote Desktop with Network Level Authentication", so that only systems running Windows Vista or later can connect to the server.
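The whole procedure above (both registry values, Network Level Authentication, the firewall rule) can be scripted with a pre-reboot check that guards against the lock-out described earlier. This is an added example, not part of the original article; the rule name `RDP-Custom-Port-In` is a hypothetical choice, and the check matches firewall rules by port only, not by profile or scope.

```powershell
# Added example. PowerShell 2.0 compatible (the version shipped with
# Windows Server 2008 R2). Run from an elevated prompt BEFORE rebooting.
$NewPort  = 8579                    # the port chosen in the article
$RuleName = 'RDP-Custom-Port-In'    # hypothetical rule name
$TsRoot   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$Keys     = @("$TsRoot\Wds\rdpwd\Tds\tcp", "$TsRoot\WinStations\RDP-Tcp")

# 1. Registry: write the new port to both PortNumber values.
foreach ($k in $Keys) { Set-ItemProperty -Path $k -Name PortNumber -Value $NewPort }

# 2. Require Network Level Authentication (UserAuthentication = 1).
Set-ItemProperty -Path $Keys[1] -Name UserAuthentication -Value 1

# 3. Firewall: allow inbound TCP on the new port. netsh is used because
#    the NetSecurity cmdlets do not exist on 2008 R2.
netsh advfirewall firewall add rule name=$RuleName dir=in action=allow protocol=TCP localport=$NewPort | Out-Null

# 4. Pre-reboot check: both registry values match and an enabled inbound
#    TCP allow rule lists the port. Direction 1 = in, Action 1 = allow,
#    Protocol 6 = TCP (INetFwRule constants).
function Test-RdpPortChange([int]$Port) {
    $ok = $true
    foreach ($k in $Keys) {
        $v = (Get-ItemProperty -Path $k -Name PortNumber).PortNumber
        if ($v -ne $Port) { Write-Warning "$k still has PortNumber $v"; $ok = $false }
    }
    $fw = New-Object -ComObject HNetCfg.FwPolicy2
    $allow = @($fw.Rules | Where-Object {
        $_.Enabled -and $_.Direction -eq 1 -and $_.Action -eq 1 -and
        $_.Protocol -eq 6 -and (($_.LocalPorts -split ',') -contains "$Port")
    })
    if ($allow.Count -eq 0) {
        Write-Warning "No enabled inbound TCP allow rule lists port $Port"
        $ok = $false
    }
    return $ok
}

if (Test-RdpPortChange $NewPort) {
    "Registry and firewall agree on port $NewPort; safe to reboot."
} else {
    "Do NOT reboot yet; fix the warnings above first."
}

# 5. Only AFTER reconnecting on the new port, disable the built-in rule:
# netsh advfirewall firewall set rule name="Remote Desktop (TCP-In)" new enable=no
```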


When I get the chance, I will write another article on IPSec-based Remote Desktop hardening.

Update system Patches

Updating patches is simpler: just open Windows Update.

Turn on automatic updates and set the time for automatic installation; 0:00 in the early morning is the usual choice for installing patches.

At this point we can install commonly used software on the server, such as IIS, MSSQL, ASP.net, PHP and so on.

Supplement from the cloud-dwelling community editor:

Nowadays Server Security Dog makes these settings very convenient, and it can also optimize some network parameters, and so on.

Because this series of articles mainly covers security settings, I will cover installing the specific software environment in a separate post.

Original work. Reprinting is allowed, but please be sure to indicate the original source of the article, the author information and this statement in the form of a hyperlink. Otherwise, legal liability will be pursued.
