Solved

Is having port 3389 open on my server 2012 RDP server risky

Posted on 2016-08-12
6
132 Views
Last Modified: 2016-08-22
Is having port 3389 open on my server 2012 RDP server risky
0
Comment
Question by:dannyfccs
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 34

Accepted Solution

by:
it_saige earned 500 total points
ID: 41753991
The cold hard truth is that *any* open port is a potential security threat.  Internal, external; It does not matter, you are still allowing access to something via a communications port.  In most instances, the port is well-known, well-defined and in of itself, the communication poses little to no threat to system integrity.  In your case you are allowing access to the system in question via 3389, the default RDP port.  Now all a potential attacker needs to do is get past windows security.

In order to minimize the threat level, most admin's will do any (or all) of the following:

A.  Change the port.
B.  Provide a proxy to the port.
C.  Restrict access to the port (this can be accomplished in a multitude of ways; e.g. - targeted source/destination firewall rules).

-saige-
1
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 41754210
I agree that any port open is risky.

You should not expose RDS to the internet.  Setup a VPN and allow your users to connect to that first.  Or an Remote Desktop Gateway server.  Exposing ANY port to the internet is risky for any reason and it's generally considered safer to allow access through VPN or RD Gateway instead of direct RDS.
0
 
LVL 8

Expert Comment

by:Senior IT System Engineer
ID: 41754809
Yes it is.
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 
LVL 30

Expert Comment

by:serialband
ID: 41754893
Only if it's directly on the internet.  If it's only accessible within your secure, local network you should have no problems.
0
 

Author Comment

by:dannyfccs
ID: 41766093
what alternatives would you use to RDP 3389 then?
0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 41766354
I'll repeat:
Setup a VPN and allow your users to connect to that first.  Or an Remote Desktop Gateway server
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The article will show you how you can maintain a simple logfile of all Startup and Shutdown events on Windows servers and desktops with PowerShell. The script can be easily adapted into doing more like gracefully silencing/updating your monitoring s…
Resolve DNS query failed errors for Exchange
In this Micro Tutorial viewers will learn how to use Windows Server Backup to create full image of their system. Tutorial shows how to install Windows Server Backup Feature on Windows 2012R2 and how to configure scheduled Bare Metal Recovery backup.…
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question