Changing Connectivity Ports on Windows and Linux

Changing the default connectivity port is always a good option to help mitigate potential compromises of your server(s). There are many instances on the internet running scripts that scan each and every common port on any server they come across and try to gain access.

Once an attacker has access to your server, it becomes their playground for whatever they feel like doing with it: secret crypto mining, a throwaway account, sending out phishing emails or links, and much more. Below are the steps to change the RDP port on your Windows server and the SSH port on your Linux server, if you are not using an SSH key.

On Linux

It's actually quite simple. Any beginner could accomplish this and feel like a security expert in seconds, until more complex matters present themselves.

Open the file sshd_config, located at /etc/ssh/sshd_config, using your favorite text editor, such as nano or vi.

Once in, uncomment the Port 22 line by removing the hash (#) in front of it, and change the number to whichever port you would rather use for SSH access.

In my case I switched it to 96, which means I need to specify port 96 when attempting an SSH connection.

After changing the port and saving the config file, you will need to restart the SSH daemon. This system service is responsible for listening for and accepting connections over SSH/SFTP.

Connecting via SSH through port 96

If you try to connect to the former default port of 22, you'll get this error message:

Connecting to the default port refuses the connection

Looking at a quick port scan, you don't even see SSH displayed.
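The Linux steps above as a script, an added example that is not part of the original post. The function names set_ssh_port and active_ssh_ports are hypothetical helpers, and the restart command in the closing comment assumes a systemd host.

```bash
#!/bin/sh
# Added example (constructed, not from the original post).
# set_ssh_port FILE PORT: make PORT the only active Port directive in FILE.
set_ssh_port() {
    local file=$1 port=$2 tmp
    local active='^[[:space:]]*Port[[:space:]]+[0-9]+'
    local commented='^[[:space:]]*#[[:space:]]*Port[[:space:]]+[0-9]+'

    # Accept only a decimal TCP port in 1-65535.
    case $port in ''|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 1 ;; esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 1
    fi
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }

    tmp=$(mktemp) || return 1
    if grep -Eq "$active" "$file"; then
        # Rewrite the first active Port line; comment out any further ones,
        # otherwise sshd would keep listening on the old port as well.
        awk -v p="$port" '/^[ \t]*Port[ \t]+[0-9]+/ {
            if (!seen++) print "Port " p; else print "#" $0; next } { print }' "$file"
    elif grep -Eq "$commented" "$file"; then
        # Stock config: "#Port 22" is commented out; replace the first such line.
        awk -v p="$port" '!seen && /^[ \t]*#[ \t]*Port[ \t]+[0-9]+/ {
            print "Port " p; seen = 1; next } { print }' "$file"
    else
        # No Port line at all: put it at the top, ahead of any Match block.
        printf 'Port %s\n' "$port"; cat "$file"
    fi > "$tmp"

    # Keep a backup, then overwrite in place so owner and mode are preserved.
    cp -p "$file" "$file.bak" && cat "$tmp" > "$file"
    local rc=$?
    rm -f "$tmp"
    return $rc
}

# active_ssh_ports FILE: print the ports FILE tells sshd to listen on (22 if none set).
active_ssh_ports() {
    awk '/^[ \t]*Port[ \t]+[0-9]+/ { print $2; n++ } END { if (!n) print 22 }' "$1"
}

# On a real server, as root (assumed systemd host; the unit is "ssh" on Debian/Ubuntu):
#   set_ssh_port /etc/ssh/sshd_config 96 && sshd -t && systemctl restart sshd
# Keep the current session open and test "ssh -p 96 user@host" from a second
# terminal before logging out, and allow the new port in the firewall first.
```

The helpers read only the one file they are given, so a Port line in an included drop-in file is not seen; `sshd -T` prints the effective configuration if you need to confirm it.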


On Windows

It's actually pretty easy, but make sure to create a restore point or have a backup of your registry in case you completely mess something up and can't undo it.

In the registry, navigate to the path below to find the value that holds the port (PortNumber).

Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

Once you have changed it, either restart the terminal service for RDP or simply reboot the computer. RDP will no longer be listening on the default port 3389, but on the new one.

You will then need to specify the new port in the field where you enter the IP address. Example: 192.168.0.162:3385

Congratulations! You’ve changed the default connectivity ports on both Linux and Windows.
