Internet-Security.com TCP port 3389 details

TCP port 3389 is the default port for Microsoft Remote Desktop Protocol (RDP) on Windows (TermService).
It is used by Windows Server Remote Desktop Services and Windows 10/11 Pro/Enterprise for remote logons via Microsoft Remote Desktop clients.
Microsoft Remote Assistance sessions also use RDP over 3389 to the target Windows machine.
On Linux, the xrdp server listens on 3389 to allow RDP clients to access Linux desktops.
Cloud VMs (e.g., Microsoft Azure and AWS EC2 Windows instances) commonly expose 3389 for administration unless routed through RD Gateway or Bastion.
Remote desktop clients such as Microsoft Remote Desktop, FreeRDP, and rdesktop connect to hosts on 3389.
Broker/VDI solutions (e.g., VMware Horizon, Citrix Virtual Apps and Desktops, and Apache Guacamole) can use RDP and thus connect to Windows endpoints on 3389.
Security: 3389 is heavily targeted for brute-force logins and RDP exploits (e.g., BlueKeep/CVE-2019-0708), often used as initial access for ransomware; avoid exposing it directly to the internet.

TCP 3389