Jump to content

How to disable RPC's port 135?


TheTOM_SK

Recommended Posts

Remote Procedure Call (RPC) service keeps 2 ports 135 opened (screenshot).

I tried XP's tools like WWDC, following registry tweaks, but none helped so far:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole]
"EnableDCOM"="N"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcSs]
"ListenOnInternet"="N"

Can anyone tell me please, if it is possible to disable it, if yes, then how? Thanks.

Link to comment
Share on other sites


Disable file and printer sharing and client for microsoft networks for the connection. Don't disable dcom in Vista, it can be done, but its not a good idea. The RPC is open because there are a ton of things in Vista that rely on it, for example Superfetch relies on RPC so if you kill RPC then Superfetch will be adversly affected, and this is a brief reason why you shouldn't disable Dcom in Vista. Its open just like any other port on your computer is open for various reasons, and there is a reason for it to be open. The simple fact that it happens to be on port 135 doesn't necessarly mean its a bad thing, its not like past windows versions were and the advice about port 135 being a 'hidden server' and a danger doesn't necessarly hold true for Vista. Don't use that Dcom thing from GRC on Vista, and the information for Dcom on GRC and that other site doesn't hold true for Vista. Even if you found a way to disable every single port in windows you would still have ports open if the system was to run at all and port 135 is no different in this respect for Vista.

If you set up the correct connection type for your connection and haven't done anything to the Vista firewall and disabled file and printer sharing and client for microsoft networks for the connection then even though port 135 shows as open it shouldn't be open to the outside world and to verfy that go to GRC.com or PCFlank or one of the many sites on the net and run one of their scan/stealth tests, if Vista is healthy and everything is set up properly then you should show as 100% stealthed with a standard Vista default install, if you don't then something is not right. There are numerous pieces of software that will expose port 135 also, many of the P2P clients will expose port 135 intermitantly for example.

If it continues to bother you thats its open and you really want a 'peace of mind' thing then just set up an inbound and outbound rule in the firewall to block it for everything.

Remote Procedure Call (RPC) service keeps 2 ports 135 opened (screenshot).

I tried XP's tools like WWDC, following registry tweaks, but none helped so far:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole]
"EnableDCOM"="N"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcSs]
"ListenOnInternet"="N"

Can anyone tell me please, if it is possible to disable it, if yes, then how? Thanks.

Edited by Spooky
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...