1, so that the remote desktop port can avoid the attack.
As we all know, the default port used by remote desktop is generally "3389". If this port number is not changed in time, many hackers with ulterior motives may use this port to remotely control and invade the local workstation to steal all kinds of private information stored in the local workstation. In order to protect the security of the local workstation, we can try to change the default port number used by the remote desktop to another port number according to the following steps:
Firstly, log in to the local workstation system as a privileged user, click the start and run commands on the system desktop one by one with the mouse, enter the string command "regedit" from the pop-up system run box, and click the OK button to open the editing interface of the local workstation system registry;
Secondly, in the left display area of the editing interface, expand the HKEY_LOCAL_MACHINE registry branch with the mouse, and select the system \ currentcontrolset \ control \ terminal server \ WDS \ rdpwd \ TDS \ TCP subitem in the branch list that pops up later. Corresponding to TCP subitem in the display area on the right, we will see a subitem named PortNumber (as shown in figure 1), which is actually used to define the remote desktop port number. Set the value of this subitem to another port number, for example, set its value to "9999";
After modifying the value, we will locate the mouse in the registry branch HKEY _ Local _ Machine \ System \ Current Control Set \ Control \ Terminal Server \ Winstations \ RDP-Tcp. In the right display area corresponding to RDP-TCP subitem, we will also see a subitem named PortNumber, and we will also modify its value, for example, we will also modify it here.
After completing the remote desktop connection port number of the local workstation, when we need to connect to the workstation through the remote desktop in the future, we need to open the remote desktop connection setting window in the corresponding workstation, set the workstation address that needs remote connection in it, then click the Save As button to save the remote desktop settings as a file, and then open the previously saved RDP file with a text editing program such as WordPad. And manually enter a line of "server port: i:9999" in the text editing area, and then save the file with the original name, so that we can connect to the local workstation safely through the remote desktop in the future. As long as other users don't know the new remote desktop port number, they can't create a remote desktop connection with the local workstation, so the security of the local workstation will be greatly enhanced!
2. Refuse to delete the remote desktop wallpaper
If we don't want other people to delete the desktop wallpaper of their workstation through remote desktop connection at will, we can try to limit it by following the following steps:
Firstly, log in to the local workstation system as a privileged user, click the start and run commands on the system desktop one by one with the mouse, enter the string command "regedit" from the pop-up system run box, and click the OK button to open the editing interface of the local workstation system registry; Secondly, in the left display area of the registry editing interface, double-click the registry subkey HKEY_LOCAL_MACHINE with the mouse, and then select the branch options under the branches expanded later.
Software \ Policy \ Microsoft \ Windows NT \ Terminal Services, in the right display area corresponding to the terminal services sub-item, check whether there is a two-byte value named fNoRemoteDesktopWallpaper. If you can't find the key value, you can click the blank area with the right mouse button, and click the commands of "New" and "DWORD Value" one by one from the pop-up shortcut menu to complete the creation of "fNoRemoteDesktopWallpaper" double-byte value; Then use the mouse to double-click the newly created "fNoRemoteDesktopWallpaper" key value, open the numerical dialog box as shown in Figure 2, enter the number "1" in it, click the "OK" button, and finally restart the workstation system, so as to refuse to delete the remote desktop wallpaper. draw
3. Make full use of remote desktop to transfer files.
When transmitting files in the local area network, I believe most people will do it through file sharing. However, the target file set to * * * sharing state is easy to be seen by others, and some people with ulterior motives will attack the local workstation through the * * * sharing channel. In order to ensure the safe transmission of files in the local area network, we can use the disk mapping function in the remote desktop program to make the file transmission in the local area network safer and simpler. The following are the specific steps to transfer files using the Remote Desktop function:
First, click the Start/Program/Remote Desktop Connection command on the desktop of the local workstation system to open the remote desktop connection program interface, click the Options button in the interface, then click the Local Resources tab to open the tab setting page as shown in Figure 3, select the disk drive item, and then click the Connect button.
After successfully connecting to the other workstation system, we use the mouse to double-click the "My Computer" icon on the desktop of the other workstation system, and we will see that all the disk partitions of the local workstation, including the optical drive, have been mapped to the other workstation. At this time, we can transfer files as easily and safely as copying and moving files locally. After the file transfer operation, be sure to disconnect the remote desktop in time to prevent other users from taking the opportunity to peek at their private information.