Port 3389 is used by Remote Desktop Protocol (RDP). Windows Remote Desktop. Allows graphical remote access to Windows computers. Widely used for remote work and server management.
What Does an Open Port 3389 Mean?
Windows Remote Desktop is exposed to the internet. Port 3389 is one of the most actively attacked ports on the internet. Use a VPN for remote access instead of exposing RDP directly.
This port should NOT be open to the public internet on typical systems. If you see it open, investigate immediately.
Security Risk Level
Critical Risk
How to Check if Port 3389 Is Open
Use the ExamineIP Port Scanner to check if port 3389 is open on any IP address from the public internet. Enter the target IP and select the relevant port preset.
How to Close Port 3389
- Stop the service using port 3389 if you no longer need it
- Add a firewall rule blocking inbound connections on port 3389
- Check your router for port forwarding rules that expose this port
- Run
netstat -ano | findstr :3389(Windows) to see which process is using it
Related Ports
RDP is related to: {implode(‘, ‘, Array)}
Protect Your Open Ports
If you need services like remote access, use a VPN to create a private encrypted tunnel instead of exposing ports directly to the internet. A VPN also hides your real IP address so port scanners cannot identify your device. Try PureVPN or IPVanish.