Right-click 'My Computer' and then click 'Properties'. Click the 'Remote' tab and then choose 'Allow remote connections to this computer'. Then click the 'OK' button.
Step 2: Open Remote Desktop port (port 3389) in Windows firewall
Go into the control panel in your computer and then into 'System and security' and then into 'Windows Firewall'. Click 'Advanced settings' on the left side. Ensure that 'Inbound Rules' for Remote Desktop is 'Enabled'. Please note that if you are using a firewall other than Windows Firewall on your computer, you must open port 3389 in the firewall.
Step 3: Set up Port Forwarding (Port Translation) in the router
Please log into the router website (generally at http://192.168.1.1 or http://192.168.0.1) and go into the 'Port Forwarding' section. Add a new 'Port Forwarding' rule for TCP port 3389 to be forwarded to the internal IP of your computer. To get the internal IP address of the device, you may type ipconfig in "cmd.exe". It is usually in the form of "192.168.1.**".
NOTE: If you need to connect to several machines behind the same router, you should set up port forwarding for all these machines. Let's suppose machine 1 has an internal IP 192.168.1.41, machine 2 has an internal IP 192.168.1.42, and machine 3 has an internal IP 192.168.1.43. We can set up different external ports for different machines as shown in the picture below.
To see if the port forwarding has been set up correctly, you can use our Port Check network tool to see if the corresponding port is open. If you get a "Success" response from the port check, then your network has been correctly set up.
Step 4: Map your dynamic IP to a hostname
Internet service providers change your IP address on a regular basis, but with dynamic DNS you can keep your domain pointing at the current IP of your home server or other devices. You may register a domain name of your own (yourdomain.com) and sign up for Dynu Dynamic DNS Service for it or use a free Dynu domain name (yourdomain.dynu.com). You may refer to this Getting started tutorial for more information.
Step 5: Use Dynu DDNS service to access your computer remotely
Download the appropriate client software and run it on the computer to keep the hostname mapped to your dynamic IP. You may also set up the DDNS service in your router if your router supports it. You should now be able to access your computer using yourhostname.dynu.com from the internet via Remote Desktop using any compatible Remote Desktop client and your domain name.
NOTE: In the case of connecting several machines, for machine 1, you can use "yourhostname.dynu.com:3389", for machine 2, you may use "yourhostname.dynu.com:3390", and for machine 3, you may use "yourhostname.dynu.com:3391".
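Once the port is forwarded, the remote-address scope of the inbound rule enabled in Step 2 decides who can reach Remote Desktop on the machine. The following is an added example, not part of the original tutorial: it parses output in the layout of `netsh advfirewall firewall show rule name=all` and lists enabled inbound rules that allow TCP 3389 from any address. The sample text, the second rule and the function names are constructed for illustration.

```python
import re

# Constructed sample shaped like `netsh advfirewall firewall show rule name=all`
# output, trimmed to the fields used here; not captured from a real host.
SAMPLE = """\
Rule Name:                            Remote Desktop - User Mode (TCP-In)
----------------------------------------------------------------------
Enabled:                              Yes
Direction:                            In
Profiles:                             Domain,Private,Public
RemoteIP:                             Any
Protocol:                             TCP
LocalPort:                            3389
Action:                               Allow

Rule Name:                            RDP from admin PC (hypothetical rule)
----------------------------------------------------------------------
Enabled:                              Yes
Direction:                            In
Profiles:                             Private
RemoteIP:                             192.168.1.50/32
Protocol:                             TCP
LocalPort:                            3389
Action:                               Allow
"""

def parse_rules(text):
    """Split netsh output into one dict of field -> value per rule."""
    rules = []
    for block in re.split(r"\n\s*\n", text.strip()):
        pairs = (ln.split(":", 1) for ln in block.splitlines() if ":" in ln)
        fields = {k.strip(): v.strip() for k, v in pairs}
        if "Rule Name" in fields:
            rules.append(fields)
    return rules

def unrestricted_rdp_rules(rules, port="3389"):
    """Enabled inbound TCP allow rules on `port` that accept any remote address."""
    hits = []
    for r in rules:
        ports = {p.strip() for p in r.get("LocalPort", "").split(",")}
        if (r.get("Enabled") == "Yes" and r.get("Direction") == "In"
                and r.get("Action") == "Allow" and r.get("Protocol") == "TCP"
                and port in ports and r.get("RemoteIP") == "Any"):
            hits.append((r["Rule Name"], r.get("Profiles", "")))
    return hits

if __name__ == "__main__":
    for name, profiles in unrestricted_rdp_rules(parse_rules(SAMPLE)):
        print(f"open to any address: {name} [{profiles}]")
```

A rule reported with the Public profile and RemoteIP Any is reachable from every address the router forwards, whichever external port (3389, 3390 or 3391) is used.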
Remote Desktop allows you to access your computer from a different computer. You can open the Remote Desktop port only on your computer to allow it to be accessed only on your local network or open it also on your router to use the computer over the Internet. Before you open the remote desktop port on a router or firewall program, you will need to enable your user account to have Remote Desktop privileges on the computer you want to access.
Open the Port on the Computer
Open the Port on the Router
Remote Desktop Protocol (RDP) is a Microsoft proprietary protocol that enables remote connections to other computers, typically over TCP port 3389. It provides network access for a remote user over an encrypted channel. Network administrators use RDP to diagnose issues, log in to servers, and perform other remote actions. Remote users use RDP to log into the organization’s network to access email and files.
Cyber threat actors (CTAs) use misconfigured RDP ports that are open to the Internet to gain network access. They are then in a position to potentially move laterally throughout a network, escalate privileges, access and exfiltrate sensitive information, harvest credentials, or deploy a wide variety of malware. This popular attack vector allows CTAs to maintain a low profile since they are utilizing a legitimate network service, and it provides them with the same functionality as any other remote user. CTAs use tools, such as the Shodan search engine, to scan the Internet for open RDP ports and then use brute force password techniques to access vulnerable networks. Compromised RDP credentials are also widely available for sale on dark web marketplaces.
In 2018, the Multi-State Information Sharing and Analysis Center (MS-ISAC) observed an increase in ransomware variants that strategically target networks through unsecured RDP ports or by brute forcing the password. The ransomware is then manually deployed across the entire compromised network and is associated with higher ransom demands.
Recommendations:
The MS-ISAC is the focal point for cyber threat prevention, protection, response, and recovery for the nation’s state, local, tribal, and territorial (SLTT) governments. More information about this topic, as well as 24×7 cybersecurity assistance is available at 866-787-4722, [email protected]. The MS-ISAC is interested in your comments – an anonymous feedback survey is available.
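The brute-force password activity against Internet-facing RDP described above leaves a run of failed logons in the Windows Security log, sometimes followed by a success from the same source. The following is an added example, not part of the original page or MS-ISAC material: a sliding-window detector over a constructed CSV export of events 4625 and 4624. The column names, threshold, window and sample rows are assumptions made for the illustration.

```python
import csv, io
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample (not real telemetry): Windows Security log events exported
# to CSV. 4625 = failed logon, 4624 = successful logon; logon type 10 is
# RemoteInteractive (RDP), type 3 is Network (RDP failures when NLA is on).
SAMPLE = """\
time,event_id,logon_type,user,src_ip
2024-01-10T03:00:01,4625,3,administrator,203.0.113.7
2024-01-10T03:00:04,4625,3,admin,203.0.113.7
2024-01-10T03:00:09,4625,3,administrator,203.0.113.7
2024-01-10T03:00:15,4625,3,backup,203.0.113.7
2024-01-10T03:00:21,4625,3,administrator,203.0.113.7
2024-01-10T03:01:02,4624,10,administrator,203.0.113.7
2024-01-10T08:30:00,4625,10,alice,198.51.100.20
2024-01-10T08:30:40,4624,10,alice,198.51.100.20
"""

def detect_rdp_bruteforce(csv_text, threshold=5, window=timedelta(minutes=5)):
    """Return {src_ip: {"users": [...], "success_after": user or None}} for sources
    with >= threshold failed logons inside the window. Rows must be in time order."""
    recent = defaultdict(deque)   # src_ip -> timestamps of failures in window
    users = defaultdict(set)      # src_ip -> account names tried
    alerts = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["logon_type"] not in ("3", "10"):
            continue
        ts, ip = datetime.fromisoformat(row["time"]), row["src_ip"]
        if row["event_id"] == "4625":
            q = recent[ip]
            q.append(ts)
            users[ip].add(row["user"])
            while ts - q[0] > window:      # expire failures older than window
                q.popleft()
            if len(q) >= threshold:
                alerts.setdefault(ip, {"users": [], "success_after": None})
                alerts[ip]["users"] = sorted(users[ip])
        elif row["event_id"] == "4624" and ip in alerts:
            # A success from an already flagged source: treat as likely compromise.
            if alerts[ip]["success_after"] is None:
                alerts[ip]["success_after"] = row["user"]
    return alerts

if __name__ == "__main__":
    for ip, a in detect_rdp_bruteforce(SAMPLE).items():
        print(ip, a)
```

A single mistyped password followed by a success, as in the last two sample rows, stays below the threshold and is not reported.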