
I really wanted fail2ban for my Windows RDP. I'm using a non-standard RDP port and still getting 10,000+ brute-forcing requests per day.

Found this alternative:

https://github.com/DigitalRuby/IPBan



In security circles RDP is called “ransomware deployment protocol” - basically one should never expose it to the internet.

Make yourself a VPN box or some Linux with SSH and do port forwarding and allow RDP from that Linux host. OpenVPN or SSH are much better to be exposed to the internet.


I use WireGuard for this stuff these days. Life is simpler now :)


In the world of amazingly fast VPN solutions, why is your RDP port open to the internet?



I made ts_block. It solved a particular problem I had at a particular time. Nobody should be doing RDP across the Internet w/o a VPN but, apparently, people still do it.

Shockingly it still works fine on Server 2022.


THANK YOU!

I have friends of mine that slowly migrated to ZeroTier for RDP.


What port do you use? Obviously you have to use one which is not common and not in the list of scanned ports of services like Shodan or Censys.


I have RDP on port 8443.

On another host I tried port 443, hoping to disguise it to appear like SSL. No difference at all.

Also, there are services which are already publishing all my (and your) open ports. Here is the report for my IP:

https://search.censys.io/hosts/104.63.172.143 (It's public anyway)


This is ill-advised. Don’t try and hide it. Don’t publish it in the first place.


8443 is very common; I'd use something like 46434.



