Posted 24 September 2020 - 08:21 PM
This is driving my crazy. I have disabled RDP in Windows Firewall, yet I can still connect from remote computers. I know how to prevent this at the router level, but I just can't figure out how traffic is getting through on port 3389. Is there a way to figure out what else is allowing access to RDP on that port?
Any help is appreciated.
dw1256
Edited by Chris Cosgrove, 25 September 2020 - 04:49 AM.
Moved from General security to Networking
Posted 25 September 2020 - 06:30 AM
Did you block the RDP application, or just the port?
If you open Windows Firewall, go to Advanced Settings and Create Inbound Rule
Select Port
Create an Inbound Rule for both TCP Port 3389 and UDP Port 3389
Then re-test
You can also run: netstat -f -b
to see if it gives you application information, but it's pretty generic
Microsoft MCE, CASP+, Linux+, Server+, Cloud+, Certified Forensic Computer Examiner
Posted 25 September 2020 - 06:12 PM
Did you block the RDP application, or just the port?
If you open Windows Firewall, go to Advanced Settings and Create Inbound Rule
Select Port
Create an Inbound Rule for both TCP Port 3389 and UDP Port 3389
Then re-test
You can also run: netstat -f -b
to see if it gives you application information, but it's pretty generic
In the advanced firewall, I disabled "Remote Desktop - User Mode [tcp and udp]." However, you can still connect to my computer via remote desktop using port 3389. Actually, I think you can also access the PC using port 3390 in RDP. I guess what I am really asking, are there other exceptions in the firewall allowing traffic through on these ports.
I assumed if those inbound rules are disabled, RDP will not work.
Posted 25 September 2020 - 08:28 PM
Blocking Remote Desktop - User Mode is a good start, but that doesn't block as much as you think it would.
Also block "Remote Desktop - Shadow".
If that still fails or the option is not present, manually block the ports I mentioned above.
Block 3390 as a last resort.
Microsoft MCE, CASP+, Linux+, Server+, Cloud+, Certified Forensic Computer Examiner
Posted 05 October 2020 - 03:07 AM
Opposite of what have you thought maybe your way doesn't work , with a external firewall you could do that and it is easy. Have you tried just on your PC or you tried blocking via your Router/Modem ? did you block also specific port in Your modem configuration as well ?
Posted 05 October 2020 - 08:13 AM
You could disable Remote Desktop services in the Services found in the Microsoft Management Console. Then there is need to block the port.
Also consider blocking the Remote Assistance in the System Properties. Disabling the service daemons is perhaps safer.
Posted 09 October 2020 - 12:08 PM
Are you trying to block all Windows RDP connectivity? Keep in mind if you only configure your router settings that applies to remote [outside your room/office/whatever] RDP access. In that case you'll still have local [any WinPCs you have connected to your same LAN] RDP connections to take care of. Be sure to block RDP service in both your router and your PC settings.
//security.stackexchange.com/questions/34709/enable-rdp-for-internal-network-only
Posted 09 October 2020 - 12:48 PM
Inbound ports that affect RDP traffic
TCP/UDP: 3389
TCP: 3387, 3392
Posted 16 October 2020 - 05:02 AM
Thanks for the help. In my case I have found the only way to prevent RDP traffic on my PC is to disable it on the router or to turn it off completely at: Control Panel -> System -> Remote and check "don't allow remote connections to this computer."
Windows 7 / Networking
By default, Windows Firewall doesn't allow Remote Desktop connections. This is a sensible security precaution because connecting to someone's desktop gives you nearly complete control over that PC. To enable remote connections, you must configure a Windows Firewall exception for Remote Desktop.
Here are the steps you need to follow:
- Select Start, type firewall, and then select Windows Firewall in the search results. The Windows Firewall window appears.
- Click the Allow a Program or Feature Through Windows Firewall link.
- In Windows 7, click the Change Settings button; in Windows Vista, enter your User Account Control [UAC] credentials to continue.
- Activate the check box beside Remote Desktop.
- Click OK. Windows enables the firewall exception for Remote Desktop.
[Previous] [Contents] [Next]
I was able to use my remote desktop with custom port when I was using Kaspersky Internet Security. Now, I have uninstalled my Kaspersky and switch to Avast!. Therefore, the windows firewall is turned on back again. However, after the firewall is turned on, I cannot connect to the remote desktop. I have set the remote desktop "checked" in the windows firewall as shown by here: //windows.microsoft.com/en-my/windows7/use-remote-desktop-when-windows-firewall-is-on.
So, I am guessing it is caused by the custom port setting of my remote desktop. So, how can I unblock that on firewall to make my remote desktop works again?
Thank you.
Is your Windows Defender blocking remote desktop connection? We can help you fix it.
One of the major causes of RDP problems can be the Windows Defender firewall restrictions.
At Bobcares, we often receive requests regarding RDP as part of our Server Management Services.
Today, let’s see how our Support Engineers easily fixes the RDP error for our customers.
More about Windows Firewall
Usually, configuring a firewall is a mandatory security practice on any live server. This restricts the incoming connections to the server.
And, limiting the connections to a particular service like RDP is known as the scoping the access for that service.
So, if the Windows firewall rule doesn’t allow any particular IP address, the respective user will not be able to connect.
Therefore, the required IPs should be allowed in the allowed list of IPs for Remote Desktop Access.
How we fixed Windows Defender blocking remote desktop?
Recently, one of our customers approached us with an error. The problem was that he was not able to RDP into his server.
Our Support Engineers had a precise look into it and sorted it out a solution for him.
And, upon checking we found that the problem was with Windows Defender that was blocking the RDP access.
Now, let’s see how we fixed the RDP error for the customer.
- Firstly, we searched for the firewall and clicked Windows Defender Firewall.
- Then, we navigated to Allow an app or feature through Windows Firewall.
- Next, we clicked on the Change Settings option on the top right corner.
- Then, we found the Remote Desktop option and checked it.
- Lastly, we clicked OK to save the changes.
Thus, we fixed the RDP issue efficiently for our customers.
[Need more assistance to fix remote desktop connection errors? We are available 24/7]
Conclusion
In short, we can resolve the “Windows Defender blocking the remote desktop” error by enabling the Remote Desktop option from Windows Defender Firewall. In today’s write up we saw how our Support Engineers effectively fixed the RDP problem effectively.
Never again lose customers to poor server speed! Let us help you.
Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.
GET STARTED
var google_conversion_label = "owonCMyG5nEQ0aD71QM";