Fast deny remote admin batch.file

[kingozrecords]

Code: Select all

reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v "fDenyTSConnections" /t REG_DWORD /d "1" /f

REM ** Disable new logons
change logon /disable
REM ** Throw out all existing sessions by resetting the listener session
for /f "tokens=2" %%i in ('qwinsta ^| find /i "listen"') do echo y | rwinsta %%i
REM ** Maintenance jobs like backup comes here
REM ** start /wait ensures that this job waits until the command
REM ** is executed completely before going on to the next command
start /wait <your maintenance command comes here>
REM ** Maintenance is finished. Let users in again
change logon /enable

netsh advfirewall firewall add rule name="BlockRemAdminIN" protocol=TCP
dir=in remoteport=3389 action=block

netsh advfirewall firewall add rule name="BlockRemAdminOUT" protocol=TCP
dir=out remoteport=3389 action=block

save as a .bat file and run it

Remote admin is a scary idea if you don't want that port open. Uninstalling it should be easy to look up, but this will prevent someone from using it on you. I suggest if you have worries, also look for the teamviewer uninstaller / remover. There's illegitimate versions of teamviewer that make it cheap to snoop on fellow musicians who made bling with frightening ease, even means of remotely controlling your computer, too.

[Shinizzle]

RDP ports are common and you have to give permission to allow someone to connect via it. Luckily remote access using RDP is not available on Windows Home PCs.
If you're really worried buy a decent router and block the ports on that.

[kingozrecords]

RDP ports are common and you have to give permission to allow someone to connect via it. Luckily remote access using RDP is not available on Windows Home PCs.
If you're really worried buy a decent router and block the ports on that.

I have home also, the ports and service are still available nonetheless, like through other services like teams and some chat clients that allow using another's desktop, they rely on those services. This is a very fast fix, peace of mind. Afaik viruses tend to use the linux subsystem, virtual disks, hypervisor, and vm, iis and .old net frameworks workarounds exploiting the earlier powershell which supersede admin privileges. These things can be turned off in cp -> programs and features -> windows features

[vstdls]

If your concern is this legitimate, you should pivot your time investment towards configuring your router and gateway firewall rules.