Windows Remote Desktop Connection: which additional ports

Go-Bruins
Go-Bruins used Ask the Experts™
on
Hi all,

I understand that the typical port RDC uses is 3389. Are there any other ports that I can safely use to access other computers on my network? Ports that won't conflict with other applications?

Thanks in advance.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooter
Commented:
You don't want to use tcp/3389 for Remote Desktop, and are just attempting to find another port?
You can easily look at which ports an individual machine is using with "netstat /an" -- all the entries for 'LISTENING' are used.  

In general, most of the higher ports should be safe.  If I had to pick one, I'd take one at the upper end, close to the Dynamic RPC range, tcp/49150 for example.  (I'd check netstat, just to make certain something else hadn't already taken it.)

The 'master list' of ports which have been officially registered is maintained by IANA.
Lee W, MVPTechnology and Business Process Advisor
Most Valuable Expert 2013

Commented:
Are you wanting to poke holes in your firewall so others can access? if so, that's unwise. You should be setting up a Remote Desktop Gateway server or making users connect via VPN first. Please elaborate on your desired goal so we can provide a professional level, secure solution.

Author

Commented:
Hi,

I have a small home network (with corresponding knowledge). When I'm away from home, I'd like to access multiple computers, w/o having to install something like Teamviewer on all of them.
OWASP: Threats Fundamentals

Learn the top ten threats that are present in modern web-application development and how to protect your business from them.

Author

Commented:
Is something like Teamviewer much safer than poking holes in my firewall?
Technology and Business Process Advisor
Most Valuable Expert 2013
Commented:
Yes, TeamViewer, LogMeIn, GoToMyPC would all be more secure.

And strictly speaking, you only need it on one PC.  Once you're connected, you can use RDP to connect to any other PC on the network.  This DOES mean that you need that one PC to ALWAYS be on and NEVER crash... but it can save you hundreds depending on the solution you choose.

(There are ongoing automated attacks on the internet aimed at your IP address, trying to access your systems all the time.  By using something like one of the above, you don't open ANY ports - a little program gets installed on your computer that communicates with a central server - when you're away, you contact that same central server and it helps you connect, ensuring your IP address never appears online and allowing your firewall to fully protect you from external threats.

Author

Commented:
Thank you all. I'm continuing to learn...

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial