Learn to protect your PC connected with IPv6

RDP

In this article, I'll guide you in turning off the ping to your machine and changing the default Remote Desktop (RDP) listening port 3389.

If your computer has the IPv6 protocol enabled, your IP is available for web connections without any configurations at your modem. In IPv6, the address is routed from router to router until it reaches your device.

Modems usually inactivate this behavior, but you must be careful if you want to access your Windows device via RDP.

Turning off the ICPM protocol

First, turn off the ping echo so your device will not be easily discovered online.

To do this, open your Power Shell command as administrator and run the code below.

Power Shell command

Starting Power Shell as Administrator

Code to block ping, ICPM protocol.

# Define the new firewall rule
$ruleName = "Block ICMP Echo Requests"
$ruleDescription = "This rule blocks ICMP echo requests to disallow ping."

# Check if the rule already exists
$existingRule = Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue

if ($existingRule) {
    Write-Host "The rule '$ruleName' already exists. Deleting the existing rule..."
    Remove-NetFirewallRule -DisplayName $ruleName
}

# Create a new rule to block ICMP echo requests
New-NetFirewallRule -DisplayName $ruleName `
                    -Description $ruleDescription `
                    -Protocol ICMPv4 `
                    -IcmpType 8 `
                    -Direction Inbound `
                    -Action Block

Write-Host "The rule '$ruleName' has been created successfully and ICMP echo requests are now blocked."

Code to remove protocol ICMP.

You need to restart your device to take effect!

Changing RDP Port using a .NET Console app

Create a console app to change the RDP Port. Open a command line and follow these commands.

md RdpCommandPortChanger
cd RdpCommandPortChanger
dotnet new console

Note. To do this, you must install .NET and Visual Studio, or VS Code, on your machine. You can download it at https://dotnet.microsoft.com/en-us/download/dotnet.

Enter the RdpCommandPortChanger.csproj using Visual Studio and add this code to the Program.cs file.

// Define the registry path
using Microsoft.Win32;

var registryPath = @"SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp";
var valueName = "PortNumber";

// Open the registry key
using var key = Registry.LocalMachine.OpenSubKey(registryPath);

if (key != null)
{
    // Read the port number
    var portNumberValue = key.GetValue(valueName);
    if (portNumberValue != null)
    {
        // Convert the port number to an integer
        int portNumber = (int)portNumberValue;
        // Print the port number to the console
        Console.WriteLine($"Current Port Number for RDP: {portNumber}");

        // Read new port number from the console
        Console.Write("Enter new port number: ");
        if (int.TryParse(Console.ReadLine(), out int newPortNumber))
        {
            // Open the registry key with write access
            using var keyX = Registry.LocalMachine.OpenSubKey(registryPath, writable: true);

            if (keyX != null)
            {
                // Update the port number in the registry
                keyX.SetValue(valueName, newPortNumber, RegistryValueKind.DWord);
                Console.WriteLine($"Port number updated to: {newPortNumber}");
            }
            else
            {
                Console.WriteLine("Registry key not found.");
            }
        }
        else
        {
            Console.WriteLine("Invalid port number.");
        }
    }
    else
    {
        Console.WriteLine("Port number not found.");
    }
}
else
{
    Console.WriteLine("Registry key not found.");
}

Console.WriteLine("Press ENTER to exit!");
Console.ReadKey();

You can publish it, open the target location, and run the .exe file "as administrator" using the context menu on File Explorer.

File Explorer

Tada!

Just type a new port and press ENTER to confirm the change.

ENTER to confirm

Changing the RDP port, on this sample, I used 321245 as my new port; it's recommended to use a high number from 3389 till 65536:

RDP port

And the Windows settings will reflect the change.

Windows settings

What is ICMP protocol?

The Internet Control Message Protocol (ICMP) is a protocol used by network devices to communicate problems with data transmissions. According to this definition, one critical use of ICMP is to determine whether data is reaching its destination at the appropriate time. This makes ICMP a crucial part of error reporting and testing to determine how successfully a network transmits data. However, it can also carry out distributed denial of service (DDoS) assaults.

Disabling ICMP (Internet Control Message Protocol) can help mitigate some DDoS (Distributed Denial of Service) attacks that use the protocol. For example, ICMP flood attacks occur when attackers send many ICMP Echo Request (ping) packets to overwhelm the target's network resources, causing genuine traffic to be dropped or delayed. ICMP Echo Requests can be disabled to prevent flood attacks. Similarly, in a Smurf attack, attackers send ICMP Echo Requests to a network's broadcast address, prompting all devices on the network to send Echo Replies to the target and overwhelming it. Disabling ICMP on network devices prevents them from responding to faked Echo Requests. Furthermore, faulty or oversized ICMP packets in Ping of Death assaults can result in buffer overflows and system failures, which can be avoided by turning off ICMP.

However, entirely blocking ICMP can impact legal network functions like diagnostics (e.g., ping and traceroute) and error reporting, thus limiting network troubleshooting and performance monitoring. A more balanced strategy could include selectively blocking specific ICMP kinds, such as Echo Requests, or rate-limiting ICMP traffic to reduce attacks while maintaining some diagnostic capabilities. This selective blocking decreases the attack surface while preserving vital network management tools. Finally, disabling ICMP should be part of an entire DDoS mitigation strategy that includes firewalls, intrusion prevention systems (IPS), rate limiting, and other steps to ensure robust protection against various DDoS attacks while keeping the network operational.

Conclusion

These two simple methods can help you prevent hackers and bots from accessing your devices. If your username and password are weak, it does not save you but adds a small security layer.

I hope this helps you stay secure. Remember that firewalls and paid antivirus software are crucial to avoiding digital plagues.

If this makes sense to you, please give it a like!

Attached is a .zip with the RDP Console App used in this article.


Similar Articles