RDP -
[code:1]Under the Key
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
Find the Sub Key
PortNumber (Default Value 00000D3D, Hex for (3389))
Enter the new port number in Hex.[/code:1]
IIS (Presuming Windows 2003)
[code:1]IIS can be done within the IIS Manager
expand to the website (usually Default Website)
Right Click --> Properties
The first tab (Web Site) has the TCP Port, just change this value and restart the website.
[/code:1]
Its worth noting that although it can help deter the attack, it will do nothing about preventing it. Its not that difficult to fingerprint the services/port to see whats actually running on them.
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit
www.sec-1.com
or PM me for details.
