Originally Posted by
themicah
And if you're really worried about port scanning, you can also set your router to listen on an alternate port.
For example, set up your router to forward external port 54321 (or whatever) to internal port 3389 on the appropriate internal IP address. Then when you open Remote Desktop Connection on your client machine, you just add :54321 to the end of the IP address or domain name you normally use to connect (no other configuration is necessary on the target computer).
Of course security through obscurity isn't real security, but it's one more tool you have to decrease the chances of somebody finding your machine and trying to brute-force it.
This is actually a great argument for why changing the port is a waste of time. The fact is that port scanning will find that open port, even if you change the port number.