Do you need to know how to configure port forwarding on VPS? Inshort, port forwarding is a technique used in computer networking that allows incoming network traffic to be redirected from one network port on a router or firewall to another network port. Read this article and watch the video to find out how to open port and listen to it on VPS (RDP)
Forwarding a port is often necessary to enable communication between two devices on a network when they are not directly connected. For example, suppose you want to access a web server running on a machine within your home network from outside that network. In that case, you should set up port forwarding on your router or firewall.
Does malware use port forwarding?
Malware may use port forwarding as a means of enabling remote access and control of an infected device, as well as bypassing security measures that are in place to prevent such access. By setting up port forwarding on an infected device, the malware can create a pathway to communicate with other devices on the internet or within a local network without being detected by security systems designed to monitor network traffic.
For example, some types of malware may use port forwarding to enable a remote attacker to connect to a backdoor that the malware has created on an infected device, providing the attacker with full access to the device’s resources and sensitive information. Malware may also use port forwarding to create a proxy server on an infected device, which can relay traffic between other compromised devices and the attacker’s command and control servers.
Remote access trojans on Remote Desktop Protocol (RDP) and Virtual Network Computing (VNC) can use port forwarding to gain unauthorized access to a target system’s desktop interface.
Also, Malware and backdoor tools such as Netcat, Reverse Shell, some ransomware, and Backdoor Factory can use port forwarding. So, they create a reverse connection from a compromised system to an attacker-controlled system. Then, the attacker gain the remote access control of the compromised system.
Can FUD crypter affect the connection?
No, Instead of using the Tool options, opt for the crypter options. If you prefer to utilize your tool options (such as startup or installation), place the injection on “itself.”
Prerequisites
Before proceeding, ensure you have:
- A VPS with a static IP address
- Administrative access to your VPS
How to open forwarding port on RDP?
In summary, when utilizing a VPS, remember to open the port and configure firewall rules accordingly.
Alternatively, if you prefer to run it on your PC, you have the option to employ a VPN with custom port forwarding. Or manually open the port on your modem or router (note that some models lack port forwarding capabilities). For a detailed guide, you can watch the video below demonstrating how to set up port forwarding on a VPS or RDP. Prior to beginning, we suggest watching videos on bypassing Windows Defender if you’re interested in achieving FUD results.
This tutorial is made for how to forward a port on VPS (RDP).
Open Windows Defender Firewall settings. You can reach this setting by “Control PanelAll Control Panel ItemsWindows Defender”.
Firewall or use this keyboard shortcut: Windows + R and type “firewall.cpl”.
Then, choose “Advanced settings.”
In addition, you must define your desired port by creating rules on Inbound rules settings.
Click on the “Inbound Rules”
Then click on “New Rule…”
In the opened window, select the port option and click next
As you see, you have two options (TCP and UDP). You must open your desired port in both.
add your port number and click next
Click Next and enter your port name as you like.
It is better to write the name in such a way that later for changes, you will know whether it is TCP or UDP.
We have now opened the port for TCP; we do the same steps for UDP and define its rule like this. Click “New Rule…” and do it.
Let’s check the port on the Canyouseeme website and see what happens.
type the forwarded port and click on the Check port button
See the error result. Port forwarding on VPS faild.
What should we do? After you have forwarded the port, you should listen to it.
How to listen to a port?
In order for a device to receive incoming network traffic on a specific port, the port must be open and listening for incoming connections. It means that a forwarded port must also be listening to receive incoming traffic forward to it.
To listen on a specific port, an application or service must be running on the device that is designed to handle incoming connections on that port. In short, we suggest watch the video again to find out how to listen port.
When a port is forwarding on a network, the device’s router or firewall will forward incoming traffic on that port to the listening service or running applications. It allows the device to receive incoming traffic from other devices on the internet or within the same network and to respond to requests accordingly.
It is important to note that forwarding a port alone does not automatically make a service or application accessible from the internet or other networks. The listening service or application must also be properly configured to accept incoming connections and respond to requests.
The device will connect to a network with a unique IP address on that network. A port is a number that is used to differentiate between different network services that may be running on the same device. For example, a web server may be running on a device, along with an email server and a file-sharing service.
How open forwarding and listen to it?
To receive incoming network traffic on a specific port, the software application that is responsible for handling that type of traffic must be running and listening on the corresponding port.
If the port is not open and listening, incoming traffic will not be able to reach the intended service or application. Instead, the client attempting to connect to the service will receive an error message or a connection timeout.
So, how open forwarding? For listening to port forwarding on VPS, I will try it in the DcRAT tool for testing.
Type the forwarded port for listening on DcRAT.
Now let’s recheck the result and check your payload with crypter Runtime tool too.
See, we have configured the port forwarding correctly. If you have a problem with how to make FUD a RAT visit our blog. You can watch how make Warzone RAT FUD for instance.
Advanced Tips and Considerations
For a visual walkthrough, watch again the comprehensive video guide for how open forwarding advanced tips.
- Locate your VPS’s public IP address from your hosting provider. This unique address identifies your server on the internet. Alternatively, visit a service like “What Is My IP Address” to find it.
- Use non-standard ports for added security (e.g., 53589 instead of 3389).
- Implement two-factor authentication for an extra security layer.
- Regularly update your VPS and remote desktop software.
- Monitor connections and disable port forwarding when not in use.
- Consider a Virtual Private Network (VPN) for enhanced privacy.
Troubleshooting Common Port Forwarding Issues
- Ensure your VPS firewall allows incoming connections on port 3389.
- Double-check your port forwarding rules for accuracy.
- Restart your router and VPS after making configuration changes.
- Temporarily disable any third-party firewalls or antivirus software.
Follow us on telegram and give your feedback. If you want to make a crypter read our articles.