Remote Desktop Port Address on a PDA

  • Thread starter Thread starter StuffJustHapens
  • Start date Start date
S

StuffJustHapens

Just to give our friendly crackers another minor challenge, we've
changed the default port for RDP sessions on all our servers. (VPN
tunnelling next on the list but changing the port was a quick and dirty
option I could do right away).

All working OK for desktops, but now I discover that the Client on my
PDA iPAQ 4150 witn WM2003 won't accept a port identifier on the IP
address line so there goes my mobile support option --AAARGH!

I understand from a bit of searching that there was a registry tweak for
PPC2002 but that it doesn't work with 2003.

Any ideas? Is there a third party client that works OK??

Thanks
 
Haven't checked this personally, but someone posted this info some
weeks ago:

Follow these steps to customize your Pocket PC to use any port you
want.

1. Download & install a Pocket PC Registry Editor
(http://www.bitsinside.com)
2. Add the following key to the registry on your Pocket PC:

HKEY_CURRENT_USER\Software\Microsoft\Terminal Services\Default
Server Port : dword=3389

Change 3389 to your new port number.
 
In all honesty, changing the port number won't stop any capable of cracking
passwords or hacking your system from getting in, it will only prevent script
kiddies with no knowledge from seeing what they can get into. Anyone with a
good port scanner and time on their hands can find whatever they desire to
look hard enough for.

RDP is as secure on port 3389 as HTTPS, and very few people change that
port. If you are paranoid about security the only truely hackerproof
solution is one that uses PKI, i.e. IPSec/L2TP VPN, as certificate checking
is done and secure tunnel are established before credentials are exchanged.
NO cert, no connection, no option to try to supply credentials.

PPTP VPN for remote users of Terminal Server is a total waste of overhead,
man hours, and in most cases makes a system less secure, because you expose
your system to any bad things running on remote systems.

VPN is only safe if:

1. It IPSec/L2TP
2. It's managed on both ends (i.e. you control the firewall on both sides).

If you implement a VPN without these two things, then you're fooling
yourself in thinking it's secure.

Patrick Rouse
Microsoft MVP - Terminal Server
http://www.workthin.com
 
Back
Top