How To Disable Port 135 In XP?

  • Thread starter Thread starter Hank Kingwood
  • Start date Start date
H

Hank Kingwood

I've read the information at http://grc.com/dcom/ that mentions to turn
off DCOM and disable Task Scheduler, and Distributed Transaction
Coordinator (MSDTC) in order to close port 135. I've performed the
three tasks and rebooted, but port 135 is shown to still be open when
using a port scanner from another machine.

How can I close port 135 without using a firewall? Surely port 135 is
still being used by some service, yes?

Thanks.
 
Hank said:
How can I close port 135 without using a firewall? Surely port 135 is
still being used by some service, yes?
Click to expand...

I believe you must search the registry for:
port
135
rpc

and make sure these keys are disabled.

I saw more virus use of rpc port 135 at
http://www.linklogger.com/TCP135.htm

I, too am trying to determine which apps use rpc, so that if I disable
this port, I know what applications are impacted.

http://isc.sans.org/port_details.php?port=135

So far, I've discovered

*Require* RPC
MSMQ http://support.microsoft.com/default.aspx?scid=kb;en-us;178517
DCOM (as above)
SMB (samba)

*Prefer* RPC
Exchange
Active Directory
Some 3rd party apps
Remote Desktop Connection/Protocol
DHCP
DNS/WINS

I'm trying to determine all apps that are impacted, and which become
dysfunctional without RPC.
In particular, I am trying to determine, if client computers running a
firewall blocking port 135 will lose any functionality. Microsoft seems
to recommend blocking this port:
http://www.microsoft.com/technet/security/bulletin/MS03-010.mspx
However, it makes no mention of the impact of blocking port 135
Thanks!
 
Back
Top