TheTOM_SK Posted January 1, 2007 Posted January 1, 2007 Remote Procedure Call (RPC) service keeps 2 ports 135 opened (screenshot).I tried XP's tools like WWDC, following registry tweaks, but none helped so far:[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole]"EnableDCOM"="N"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcSs]"ListenOnInternet"="N"Can anyone tell me please, if it is possible to disable it, if yes, then how? Thanks.
McTavish Posted January 1, 2007 Posted January 1, 2007 http://www.hsc.fr/ressources/breves/min_srv_res_win.en.htmlhttp://www.grc.com/freeware/dcom.htm
Spooky Posted January 1, 2007 Posted January 1, 2007 (edited) Disable file and printer sharing and client for microsoft networks for the connection. Don't disable dcom in Vista, it can be done, but its not a good idea. The RPC is open because there are a ton of things in Vista that rely on it, for example Superfetch relies on RPC so if you kill RPC then Superfetch will be adversly affected, and this is a brief reason why you shouldn't disable Dcom in Vista. Its open just like any other port on your computer is open for various reasons, and there is a reason for it to be open. The simple fact that it happens to be on port 135 doesn't necessarly mean its a bad thing, its not like past windows versions were and the advice about port 135 being a 'hidden server' and a danger doesn't necessarly hold true for Vista. Don't use that Dcom thing from GRC on Vista, and the information for Dcom on GRC and that other site doesn't hold true for Vista. Even if you found a way to disable every single port in windows you would still have ports open if the system was to run at all and port 135 is no different in this respect for Vista.If you set up the correct connection type for your connection and haven't done anything to the Vista firewall and disabled file and printer sharing and client for microsoft networks for the connection then even though port 135 shows as open it shouldn't be open to the outside world and to verfy that go to GRC.com or PCFlank or one of the many sites on the net and run one of their scan/stealth tests, if Vista is healthy and everything is set up properly then you should show as 100% stealthed with a standard Vista default install, if you don't then something is not right. There are numerous pieces of software that will expose port 135 also, many of the P2P clients will expose port 135 intermitantly for example.If it continues to bother you thats its open and you really want a 'peace of mind' thing then just set up an inbound and outbound rule in the firewall to block it for everything. Remote Procedure Call (RPC) service keeps 2 ports 135 opened (screenshot).I tried XP's tools like WWDC, following registry tweaks, but none helped so far:[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole]"EnableDCOM"="N"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcSs]"ListenOnInternet"="N"Can anyone tell me please, if it is possible to disable it, if yes, then how? Thanks. Edited January 1, 2007 by Spooky
McTavish Posted January 1, 2007 Posted January 1, 2007 Opps......sorry, never noticed you were asking about Vista. Thought it was for XP.
TheTOM_SK Posted January 1, 2007 Author Posted January 1, 2007 I stopped most services (screen), but RPC must not be stop.Well, Shields Up reports port 135 to be stealthed, so it is OK.I just wanted to close it, because I do not use a firewall now.Comodo on Vista works as an aplication monitor (outbound).
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now