Default Remote Desktop port Windows 7
Remote Desktop is a feature that comes standard with the Professional, Ultimate and Enterprise versions of Windows 7, 8, 8.1, Vista and even XP. However, it is not enabled by default. These instructions show you how to enable remote desktop on Windows 7.
Step 1: Open System Properties
This can be found by going to the Start Menu, right clicking on “Computer”, and selecting “Properties”.
Step 2: Open Remote Settings
This link is found on the right of the System Properties window.
Step 3: Choose your Remote Settings
Windows 7 gives us three options. You can either disable Remote Desktop (the default option), enable it for users running the Remote Desktop Client with Network Level Authentication, or enable it for all users no matter their version (less secure). Most users need to select the less secure version as they don’t have Network Level Authentication setup. Don’t feel too bad about it – it’s fairly common and not a huge issue if you’re only using RDP on your local network.
Pick one of these options and save the changes. You have now enabled remote desktop on your computer. This means you can go to another computer or mobile device on the network, open up Remote Desktop Connection, put in the name or IP address, and connect to the computer using administration credentials.
Step 4: Select users who can use Remote Desktop (optional)
By default, only Administrators of the local machine can connect via Remote Desktop. To change this, press the “Select Users” button. You can now search and add users or security groups to the list of people who have permission to connect.
Firewall and Port Information
When you enable Remote Desktop on Windows 7, it will automatically open up the required ports. By default, RDP uses TCP port 3389. If you can’t access your newly enabled Remote Desktop Protocol computer, check any third-party firewalls to ensure they have not blocked it. Generally firewalls bundled with anti-virus packages, such as AVG, will block Remote Desktop on Windows 7.
Remote Desktop Public Internet Security
It can be tempting to open up a port on your network boundary (router, gateway, firewall, etc) to allow Remote Desktop to be accessed via the public internet. Is this a good idea? While many have done it before without any trouble, it is asking or trouble. There are tools readily available which allow attackers to brute force a RDP connection. Opening port 3389 will at the very least get you a lot of attempted logins. If you have an insecure password, it’s only a matter of time before your password is cracked. This is ignoring the possibility of security exploits, such as the one patched in 2012.
My suggestion is to setup a VPN to provide your network with an extra layer of security but still allowing remote access. If this isn’t an option, then consider white-listing the allowed IP addresses to only permit access to those you know and trust.