Rdp |work|: 0x904

Standard RDP uses port 3389 (0xD3D). Port 2308 (0x904) is not an official IANA-registered port for RDP. In cybersecurity and system administration, its use with RDP implies port redirection , tunneling , or obfuscation —typically for security evasion or network segmentation. Write-Up: Analysis of RDP on Non-Standard Port 0x904 (2308/TCP) 1. Overview | Attribute | Value | |-----------|-------| | Port number (hex) | 0x904 | | Port number (decimal) | 2308 | | Protocol | TCP (typically) | | Standard service | Unassigned / ephemeral range (IANA) | | Observed use | Alternative port for Microsoft RDP | | Risk context | Evasion, lateral movement, misconfiguration |

nmap -p 2308 --script rdp-ntlm-info <target> Or manually: 0x904 rdp

When RDP is found listening on 0x904 , it is almost always the result of an intentional configuration change, a port forward, or a tunnel (e.g., SSH, stunnel, or a reverse proxy). Administrators or attackers may move RDP from 3389 to 0x904 for the following reasons: Standard RDP uses port 3389 (0xD3D)