# RDP Security, why? ### What is RDP and is it secure? RDP or remote desktop protocol was developed by the Microsoft corporation. RDP itself allows you to connect to a machine remotely via the public internet but by doing this you expose yourself to the public internet via port 3389, this is a security concern. Read more about this [**here**](https://docs-servers.zesty.group/security/rdp-security-why). ### Does Zesty offer tools to help me? We offer two different tools, RDPHelper and ZestyTool. RDPHelper is a paid service that Zesty offers to clients completely free of charge as we pay for licensing for all clients. {% content-ref url="/pages/OABBZDURyntg6ApDwyXS" %} [RDPHelper](/security/rdphelper.md) {% endcontent-ref %} {% content-ref url="/pages/SWaV2cvxssA2lcW7FnMX" %} [Setup 2FA (TOTP)](/security/rdphelper/setup-2fa-totp.md) {% endcontent-ref %} We also offer the ZestyTool which allows you to change your RDP port and install EZWinBan (Brute Force Defense). Changing your RDP port helps throw off attackers as the default port is 3389. EZWinBan will ban any IPs from the server that fail to connect more than 2 times. {% content-ref url="/pages/-MHOR1FKr2lph0XXnoRX" %} [RDP Change - ZestyTool](/security/rdp-change/zestytool.md) {% endcontent-ref %} {% content-ref url="/pages/s3BDHFKEd3chj6N0CaHB" %} [How to enable brute force prevention](/security/how-to-enable-brute-force-prevention.md) {% endcontent-ref %} {% content-ref url="/pages/-M3jD2mLf9wTWVAphiIZ" %} [How to setup DUO 2FA on RDP](/security/how-to-setup-duo-2fa-on-rdp.md) {% endcontent-ref %} ### Keep your server updated. Keeping your server updated will help against RDP attacks due to the fact that there will be flaws in the RDP protocol that are updated and patched via Microsoft. Although this is rare, we highly recommend keeping your server updated or to check for updates once a week. {% content-ref url="/pages/-MHOOYmFm9LxWsm5-8zm" %} [How do I update my server?](/basics/how-to-update-windows.md) {% endcontent-ref %} ### What is Zesty doing to help prevent brute force? Here at Zesty we use the honeypot method; we have setup our network to allow attackers to brute force specific machines that we have setup publicly. After those machines get attacked, we automatically sift through Windows logs and ban those attacking IPs from our network. This is something that is run 24/7/365. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs-servers.zesty.group/security/rdp-security-why.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.