How to detect whether a remote computer is running RDP?
How do I detect if a remote client is running Remote Desktop Protocol and is also accepting remote desktop connections?
Like open a port to detect HTTP and send a request, receive request headers and see in the request headers information about HTTP, so I will know the person is running HTTP whether or not he changed the port, e.g. running HTTP on 6551.
Attempt to make a connection with something that is RDP-connection aware (RDP is not HTTP). Of course, failing to establish an initial handshake is not proof that a connection cannot be established. It could be blocked by a firewall, listening on another port, etc.
The MS-RDPBCGR specification, page 16, talks about connecting, which in turn defers to X.224, go figure.
It'd likely just be easiest to use Wireshark and observe in-the-wild behavior to develop a minimal detection case. I suspect only the very initial portion of the handshake needs to be generated/replayed in order to "decide" that it's a listening RDP server.
(Or, perhaps use an existing RDP client which has this "test connect" functionality or the ability to be scripted.)
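The minimal check this answer describes, as an added example that is not part of the original post: it sends only the first RDP handshake message (an X.224 Connection Request in a TPKT header, carrying the RDP negotiation request from MS-RDPBCGR) and classifies the reply, so it does not depend on the port number. The function names and the sample reply bytes are constructed for illustration.

```python
import socket
import struct

PROTOCOL_SSL, PROTOCOL_HYBRID = 0x1, 0x2  # requestedProtocols flags (MS-RDPBCGR)

# Constructed sample replies (not captured traffic), for offline checks.
SAMPLE_CONFIRM = bytes.fromhex("03000013" "0ed00000123400" "0200080002000000")
SAMPLE_NEG_FAILURE = bytes.fromhex("03000013" "0ed00000123400" "0300080005000000")
SAMPLE_HTTP = b"HTTP/1.1 400 Bad Request\r\n\r\n"


def build_connection_request(protocols=PROTOCOL_SSL | PROTOCOL_HYBRID):
    """TPKT header + X.224 Connection Request + RDP Negotiation Request."""
    # RDP_NEG_REQ: type 0x01, flags 0, length 8, requestedProtocols (little-endian).
    neg_req = struct.pack("<BBHI", 0x01, 0x00, 8, protocols)
    # X.224 CR: length indicator, code 0xE0, DST-REF, SRC-REF, class 0.
    x224 = struct.pack(">BBHHB", 6 + len(neg_req), 0xE0, 0, 0, 0) + neg_req
    # TPKT: version 3, reserved, total length (big-endian).
    return struct.pack(">BBH", 3, 0, 4 + len(x224)) + x224


def classify_response(data):
    """Classify the first bytes a server sent back after the request."""
    if len(data) < 11 or data[0] != 3:
        return "not-rdp"                      # no TPKT header
    if struct.unpack(">H", data[2:4])[0] < 11 or (data[5] & 0xF0) != 0xD0:
        return "not-rdp"                      # not an X.224 Connection Confirm
    if len(data) >= 12 and data[11] == 0x03:
        return "rdp-negotiation-failure"      # RDP is listening but refused our protocols
    return "rdp"


def probe(host, port=3389, timeout=3.0):
    """Send one Connection Request to host:port and classify the reply."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(build_connection_request())
            data = sock.recv(64)
    except OSError:
        return "no-answer"  # closed, filtered or timed out: not proof of absence
    return classify_response(data)


if __name__ == "__main__":
    for name, raw in [("confirm", SAMPLE_CONFIRM), ("failure", SAMPLE_NEG_FAILURE),
                      ("http", SAMPLE_HTTP)]:
        print(name, classify_response(raw))
```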
A fast way is to open a shell and type
telnet IPADDRESS 3389
If you get a connection, chances are good that an RDP server is on the other side. RDP can run on any port, but TCP port 3389 is the default.
Windows 7 requires some extra steps to enable the telnet Client.
You could do netstat -a in the command line and see if the default port for remote desktop connection is listening, i.e. TCP:3389, but that's only if the client hasn't changed the ports for MSTSC.