By default, Microsoft Windows OS comes with Remote Desktop Services on default port 3389. Since it is a widely known port, it can be a target for Remote Desktop Brute Force attacks easily. Intruders initiate a Remote Desktop Connection with a random IP address on default port 3389.
Then, an extensive list of password combinations is entered with a known username, such as administrator/admin, etc. As a result, either they may find a password to access your VPS, or your VPS resources (CPU, RAM, and bandwidth) will be abused. This attack is continuous and stealthier. You can track them only if you check Event viewer and find multiple entries of 'audit failure' logs.
AccuWeb Hosting has started delivering VPS with Remote Desktop Service on a non-standard port to mitigate this problem. Hence, entering just the IP address/Computer name (without port) in any Remote Desktop client software won't work. Instead, you need to enter ‘Computer name/IP address.Port’ in the Remote Desktop Connection Window by following these steps –
1. Click Start → All Programs → Accessories → Remote Desktop Connection.
- OR -
2. Click Start → Windows System → Run.
3. Type mstsc in the text box and press the Enter Key.
4. Enter your Server's IP Address:Port Number, and click on the Connect button.
Here, we have entered 192.168.1.191 as an example. You need to replace it with your actual VPS IP address.
5. You will see a new window.
Enter your username and password, and click on the OK button.
6. Once you click on the Ok button, you will see an SSL Certificate warning message.
You have to ignore this warning message and tick the box Don't ask me again for connections to this computer.
7. Click on the Yes button to proceed further.
You have logged in to Windows VPS.
Regardless of the Remote Desktop client and Operating System, you need to enter 'Computer name/IP address: Port' in the Remote Desktop Connection Window.