Port 135 is primarily used to use RPC (remote Procedure call, remote procedure calls) protocol and to provide DCOM (distributed Component Object Model) services.
Port Description: Port 135 is primarily used to use RPC (remote Procedure call, remote procedure calls) protocol and to provide DCOM (distributed Component Object Model) service, which guarantees that programs running on a single computer can successfully execute code on a remote computer; Using DCOM, you can communicate directly over a network, which can be transmitted across a wide range of networks, including HTTP protocols.
Port vulnerability: It is believed that many Windows 2000 and Windows XP users had a "shockwave" virus last year that exploited RPC vulnerabilities to attack computers. RPC itself has a vulnerability in the processing of the message exchange over TCP/IP, which is caused by incorrectly handling malformed messages. This vulnerability affects an interface between RPC and DCOM, which listens on a port that is 135.
Operation recommendation: In order to avoid the "shockwave" virus attack, we recommend that the port be closed.
Close port 135
Click "Start"-"Run", enter "DCOMCNFG", and click OK to open Component Services.
Second, in the Pop-up Component Services dialog box, select the computer option.
Third, on the right side of the computer option, right-click My Computer and choose Properties.
On the Default Properties tab of the My Computer Properties dialog box that appears, remove the tick before enable Distributed COM on this computer.
V. Select the Default Protocol tab, select Connection-oriented TCP/IP, and click the Delete button.