OT#2: Port 135

Joseph C. Lininger jbahm at pcdesk.net
Sun Feb 1 06:10:52 EST 2004


Hello,
Port 135 is used by RPC, and is only open in Linux if the RPC portmapper is running. People typically scan for it because there are many known Windows exploits involving RPC. Unless you are using something that requires RPC (NFS comes immediately to mind), it would probably be a good idea to block it. Even if you are using something that needs RPC, you should still block port 135 from the internet.

-- 
Joseph C. Lininger
jbahm at pcdesk.net

On Sun, 1 Feb 2004, Chuck Hallenbeck wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I keep an eye (okay, an ear) on my firewall log these days and I
> see (okay, hear) efforts to reach my port 135. The /etc/services
> file says it is "location service", but I cannot find any
> information about it. Can anyone enlighten me? I have it
> blocked. Is that a safe policy?
>
> Thanks
> Chuck
>
>
> - --
> The Moon is Waxing Gibbous (78% of Full)
> In a world without Fences or Walls no one needs Windows or Gates.
> My home page is now at http://www.mhcable.com/~chuckh
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.3 (GNU/Linux)
>
> iQCVAwUBQBzamjVdG8M9x9tGAQLGSQQA2nXaf0NGlLGEGgOz8lOK7dG2gYrce3ro
> ngMkkDYbt567qSuX+O/rFEJ5ZgBW6PD00V1K4xzB8pESiAhkiU6+Wif/fPvAzo2d
> IuKp0/60oa7eLrvorThZmjW3UjJPtH1vNCqsfeQpy53+0bjv7AtWH6T88yr98Hkb
> yBXqxSdhekA=
> =iMXn
> -----END PGP SIGNATURE-----
>
>
> _______________________________________________
> Speakup mailing list
> Speakup at braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>




More information about the Speakup mailing list