Differences
This shows you the differences between two versions of the page.
windows:rigutils:windows_tuning:configurefirewall.bat [2019/03/02 09:04] wikiadmin |
windows:rigutils:windows_tuning:configurefirewall.bat [2019/03/02 11:29] (current) wikiadmin |
||
---|---|---|---|
Line 281: | Line 281: | ||
<WRAP group> | <WRAP group> | ||
<WRAP half column> | <WRAP half column> | ||
- | ~~#ALLOW.~~. [[https://openhardwaremonitor.org|Open Hardware Monitor]] is a nice freeware program for monitoring various parameters of your rig. Not all mining programs report GPU/CPU temperature. OHM may become very useful in such cases. It runs on port 8085. | + | ~~#ALLOW.~~. [[https://openhardwaremonitor.org|Open Hardware Monitor]] is a nice freeware program for monitoring various parameters of your rig. Not all mining programs report GPU/CPU temperature. OHM may become very useful in such cases. It runs as well as a normal windows program and also as a web server on port 8085 for remote monitoring. |
</WRAP> | </WRAP> | ||
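Review bot: The new sentence "It runs as well as a normal windows program and also as a web server on port 8085 for remote monitoring" is hard to parse; suggest "It runs as a normal Windows program and can also serve a web interface on port 8085 for remote monitoring." Because the paragraph now advertises remote access, it would also help to state whether port 8085 is meant to be reachable from the local network only.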
Line 305: | Line 305: | ||
</code> | </code> | ||
+ | ---- | ||
+ | ~~#ALLOW.~~. Configuring RDP server. | ||
+ | |||
+ | RDP states for //Remote Desktop Protocol// It's an MS invention for working with your desktop over network connection. Watch this [[https://www.youtube.com/watch?v=gsP46ltENRY|tutorial]] at YouTube. By default RDP server works on TCP,UPD port 3389. Unfortunately, it's became a quite popular [[https://www.speedguide.net/port.php?port=3389|target]] for hackers. Strong password for your remote user is a must and I also recommend to change((Changing RDP port [[https://danielzstinson.wordpress.com/change-the-default-listening-port-for-rdp/|blog post]])) the default port number to some random one. Most of automatic scanning bots will test just 3389 and will not try to scan the whole range of ports (1-65535) to find your RDP server. It'll not protect your from a determined hacker, but may reduce number of brute-force attacks. Using of [[:windows:software:openvpn|OpenVPN]] or a similar VPN solution is highly recommended if you plan to access your rig from Internet. | ||
+ | |||
+ | Well, too much words, code is much shorter: | ||
+ | <code powershell> | ||
+ | set /p allowRDP=Would you like to use Remote Desktop on your PC? If 'yes' press 1: || set "allowRDP=0" | ||
+ | |||
+ | if /i "y" == "%allowRDP%" set "allowRDP=1" | ||
+ | if "1" == "%allowRDP%" ( | ||
+ | call :allowRDP | ||
+ | ) else ( | ||
+ | call :inboundRule block TCP 3389 "Windows Remote Desktop - RDP" || goto :exitWithError | ||
+ | ) | ||
+ | |||
+ | :allowRDP | ||
+ | set "rdpPort=3389" | ||
+ | | ||
+ | set /p changeRDPort=Would you like to change default RDP port-%rdpPort% ^(recomended^)? If 'yes' press 1: || exit /b 0 | ||
+ | | ||
+ | if /i "y" == "%changeRDPort%" set "changeRDPort=1" | ||
+ | if "1" == "%changeRDPort%" ( | ||
+ | set /p rdpPort=Enter RDP port number or 0 to cancel: || exit /b 0 | ||
+ | | ||
+ | rem Validating input | ||
+ | set /a "portNumber=!rdpPort!" | ||
+ | if "!portNumber!" neq "!rdpPort!" set /a rdpPort=0 | ||
+ | ) | ||
+ | |||
+ | if "0" == "!rdpPort!" ( | ||
+ | echo action canceled | ||
+ | exit /b 0 | ||
+ | ) | ||
+ | | ||
+ | call :inboundRule allow TCP !rdpPort! "Windows RDP" || goto :exitWithError | ||
+ | call :inboundRule allow UDP !rdpPort! "Windows RDP" || goto :exitWithError | ||
+ | | ||
+ | echo updating RDP port number in registry | ||
+ | reg.exe ADD "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v PortNumber /t REG_DWORD /d !rdpPort! /f || goto :exitWithError | ||
+ | | ||
+ | echo restarting RDP service to changes take effect | ||
+ | powershell -Command "Restart-Service -Force -Verbose TermService" | ||
+ | |||
+ | exit /b 0 | ||
+ | </code> | ||
+ | Output | ||
+ | <code> | ||
+ | Would you like to use Remote Desktop on your PC? If 'yes' press 1: y | ||
+ | Would you like to change default RDP port-3389 (recomended)? If 'yes' press 1: y | ||
+ | Enter RDP port number or 0 to cancel: 43801 | ||
+ | TCP: 43801, rule: [allow] Windows RDP TCP-43801...OK | ||
+ | UDP: 43801, rule: [allow] Windows RDP UDP-43801...OK | ||
+ | updating RDP port number in registry | ||
+ | The operation completed successfully. | ||
+ | restarting RDP service to changes take effect | ||
+ | VERBOSE: Performing the operation "Restart-Service" on target "Remote Desktop Services (TermService)". | ||
+ | </code> | ||
+ | |||
+ | ---- | ||
+ | ~~#ALLOW.~~. Restoring firewall configuration in case of troubles. | ||
+ | |||
+ | Just a reminder: | ||
+ | <code> | ||
+ | For restoring of your original firewall configuration use the command: | ||
+ | netsh advfirewall import \firewall.wfw | ||
+ | or the following command if you want to restore default Windows settings: | ||
+ | netsh advfirewall reset | ||
+ | </code> | ||
+ | |||
+ | ---- | ||
+ | Con | ||
---- | ---- | ||
GitHub [[https://github.com/vegaminer/rigutils/blob/master/windows_tuning/ConfigureFirewall.bat|ConfigureFirewall.bat]] | GitHub [[https://github.com/vegaminer/rigutils/blob/master/windows_tuning/ConfigureFirewall.bat|ConfigureFirewall.bat]] | ||
---- | ---- |