Tutorial4 min read

How to Find Exposed Remote Desktop (RDP) Servers

Discover Windows machines with RDP exposed to the internet — a major attack vector.

1

Search for RDP services

RDP runs on port 3389 by default and is one of the most targeted services.

port:3389 service:rdp
2

Check for BlueKeep vulnerability

CVE-2019-0708 (BlueKeep) allows unauthenticated RCE on older Windows systems.

vuln:CVE-2019-0708
BlueKeep affects Windows 7, Server 2008, and Server 2008 R2.
3

Filter by country

Find RDP servers in a specific country.

port:3389 service:rdp country:DE
4

Search by organization

Assess RDP exposure for a specific org.

port:3389 service:rdp org:"Microsoft"

Remediation & Hardening

  • Use a VPN or SSH tunnel instead of exposing RDP directly

  • Enable Network Level Authentication (NLA)

  • Use strong passwords and account lockout policies

  • Keep Windows updated — patch BlueKeep and related CVEs

  • Consider using Azure AD / Entra ID conditional access

  • Monitor RDP logs for brute-force attempts

Try It Now

Search for RDP across 85M+ indexed hosts — free, no registration required.

Search RDP

More How-To Guides

How to Find Exposed Redis ServersHow to Find Exposed MongoDB DatabasesHow to Find Exposed Elasticsearch ClustersHow to Find Exposed Jenkins ServersHow to Find Exposed Docker APIsHow to Find Exposed MySQL DatabasesHow to Find Exposed Kubernetes Clusters