"but he use one port like 14564"
And what service would be listening on that port to connect too? That seems unlikely, more likely you are reading the info given wrong.. Possible that is the source port they connected from?
So you access your box via rdp from your house.. So on your router where you forward 3389 to your servers IP, put a restriction that traffic that can be forwarded to your servers internal IP can only come from your house IP.. Or if your IP changes quite often, then limit it to your isp netblox say 24.13.?.0/24 or /23 or /22, etc. This at least limits your exposure to who can hit your remote desktop to small number, vs say every bot/hacker in China