Azu Posted November 2, 2007

Hello.. I'm sorry if this has been asked a million times (it probably has) but I've been searching for a long time and nothing I've found has been of much help.

On my computer there are process(es) always listening on port 135 and 1025. These are the only ports that show up as open on the GRC "full port scan" besides port 80 when my firewall is off.

How can I find out exactly what is listening on these ports? And how can I prevent it from listening on these ports without messing up my system?

I've heard that Windows RPC listens on port 135 and ending that process isn't really an option for me.. and I have no clue what is using port 1025.. I've heard that it varies a lot..

So how can I prevent my computer from listening on these ports? And possibly find out why it is listening on them/what it is doing with them? (this isn't all that important though, the main issue is just getting it to stop doing this)

Any help would be very very appreciated. This is on 64bit XP SP2.

Oh and one more little question.. not all that important but it would be nice.. is there a way to make it so that my computer doesn't say port 80 is open unless a VALID http request is being made to it? I think this would prevent most port scans from finding it open maybe.

jcombs_31 Posted November 2, 2007

Did you make any attempt to type "port 135" or "port 1025" on Google? Your answer should be pretty clear in the first set of results.

Azu Posted November 2, 2007

Sorry, I tried to make it clear that I did. I guess I wasn't clear enough. Yes.

jcombs_31 Posted November 2, 2007

And did you actually click one of the links Google provides?

Azu Posted November 2, 2007

Okay, at first I thought that maybe you just couldn't understand my first post for some reason. But now it is apparent that you are just flat out trolling. Please stop.

neylitalo Posted November 2, 2007

No, he's not "just flat out trolling." He's asking you those questions because you'd have to be an idiot to follow those links and not see that the information they give you is exactly what you're looking for, so he's giving you the benefit of the doubt. The very first links provided by Google when you search for "port 135" and "port 1025" lead you to the GRC's info pages on the ports - a rather reputable source, I'd say.

Have you tried using a firewall? If not, try the Windows firewall, see if it's any good.

Note: The unfortunate thing about ports > 1024 is that there isn't really any "official" association between a port number and a service, so you can't really be sure what's listening on port 1025, unless Windows has added a way to tell you the applications that have network connections.

Azu Posted November 2, 2007

> I've been searching for a long time

k? Meaning that.. that's right.. that I searched!

> nothing I've found has been of much help.

Meaning that the results do not solve my problem..

> how can I prevent it from listening on these ports without messing up my system?

That rules out killing the RPC process, which is the only way mentioned to make it stop listening on that port. If you know of a search that describes how to do this without messing up RPC and thus my computer, please do share it.

> I've heard that Windows RPC listens on port 135 and ending that process isn't really an option for me..

k? So in other words I searched and what I found basically says that I need to kill the RPC process to make it stop trying to listen on port 135.. and as I've already said, I'm not going to do that, since it will make a lot of stuff stop working.

> and I have no clue what is using port 1025.. I've heard that it varies a lot..

That's all I've found out about the ports around 1025 and 1024 and 1026 etc etc.. that they vary.. I know that.. I found that out by searching.. I want to know how to find out what is listening on it though. And how to make it stop listening on it without breaking said program.

> Oh and one more little question.. not all that important but it would be nice.. is there a way to make it so that my computer doesn't say port 80 is open unless a VALID http request is being made to it? I think this would prevent most port scans from finding it open maybe.

And I'm definitely sure that I've never seen any search results that hint at answering this one.

So ya, if you don't want to come across as a sarcastic troll that is playing dumb.. then try to read and/or comprehend what you read (no offense).

And if you STILL find a way to misinterpret what I am saying even when I have spelled it out this much.. then forget it.. I'm sorry but I don't know of any simpler/more straightforward ways to put it, and will just wait for (hopefully) someone to come along that understands what I am saying. It shouldn't be that hard to understand..

neylitalo Posted November 2, 2007

> Oh and one more little question.. not all that important but it would be nice.. is there a way to make it so that my computer doesn't say port 80 is open unless a VALID http request is being made to it? I think this would prevent most port scans from finding it open maybe.
>
> And I'm definitely sure that I've never seen any search results that hint at answering this one.

This would require some very tricky firewalling - and to be honest, I'm not sure that your web server would even work properly with such a rule in place. I wouldn't be surprised at all if the first thing a browser does before sending the HTTP request is check if the port is open.

Daniel0 Posted November 3, 2007

Run netstat -abo as an admin.

-a shows all connections and associated ports.
-b shows which executable file is associated with the connections.
-o shows the PID of the process associated with the connections.

I guess that'll give you the answers you need.

neylitalo Posted November 3, 2007

Ah, I didn't know Windows XP had a netstat - that'll do the trick nicely.

Azu Posted November 3, 2007

> Run netstat -abo as an admin.
>
> -a shows all connections and associated ports.
> -b shows which executable file is associated with the connections.
> -o shows the PID of the process associated with the connections.
>
> I guess that'll give you the answers you need.

Thanks. I still don't know how to make the programs stop listening on these ports though without making the programs stop working though..

And the command scrolls way off the page so that it doesn't show most of the stuff..

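An added example, not part of any post in this thread: because the `netstat -abo` output scrolls off the console, this Python code parses saved output and keeps only the listening sockets, showing for each one the bind-address scope and the owning process. It assumes the numeric `-n` flag is added (`netstat -abno`); the sample text, its PIDs and `constructed-svc.exe` are constructed for illustration.

```python
import re
from collections import namedtuple

# Constructed sample in `netstat -abno` layout (made-up PIDs and owner names).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       2564
  [lighttpd.exe]

  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       880
  RpcSs
  [svchost.exe]

  TCP    0.0.0.0:1025           0.0.0.0:0              LISTENING       1204
  [constructed-svc.exe]

  TCP    127.0.0.1:1030         0.0.0.0:0              LISTENING       1720
  [alg.exe]

  TCP    192.168.1.10:80        203.0.113.7:60424      CLOSE_WAIT      2564
  [lighttpd.exe]

  UDP    0.0.0.0:500            *:*                                    436
  [lsass.exe]
"""

Socket = namedtuple("Socket", "proto host port state pid component exe")
# Columns: proto, local host:port, foreign address, state (absent for UDP), PID
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+\S+\s+(?:([A-Z][A-Z_0-9]*)\s+)?(\d+)\s*$")

def parse_netstat(text):
    """Turn netstat -abno text into Socket records, attaching the -b owner lines."""
    records, current = [], None
    for line in text.splitlines():
        row = ROW.match(line)
        name = line.strip()
        if row:
            proto, host, port, state, pid = row.groups()
            current = [proto, host, int(port), state, int(pid), None, None]
            records.append(current)
        elif not name:
            current = None                  # a blank line ends the record
        elif current is not None:
            if name.startswith("[") and name.endswith("]"):
                current[6] = name[1:-1]     # [image.exe] line printed by -b
            else:
                current[5] = name           # service/component line printed by -b
    return [Socket(*r) for r in records]

def scope(host):
    # The Local Address column shows which interface the socket is bound to.
    if host in ("0.0.0.0", "[::]"):
        return "all interfaces"
    if host.startswith("127.") or host == "[::1]":
        return "loopback only"
    return "one address"

def listeners(text):
    """TCP sockets in LISTENING state plus bound UDP sockets, sorted by port."""
    found = [s for s in parse_netstat(text)
             if s.proto == "UDP" or s.state == "LISTENING"]
    return sorted(found, key=lambda s: (s.proto, s.port))

def exposed(text):
    """Listeners other hosts can reach unless a firewall drops the traffic."""
    return [(s.proto, s.port, s.exe) for s in listeners(text)
            if scope(s.host) != "loopback only"]

def report(text):
    return ["%-3s %-5d %-14s pid %-5d %s%s" % (
        s.proto, s.port, scope(s.host), s.pid, s.exe or "unknown",
        " (%s)" % s.component if s.component else "") for s in listeners(text)]

if __name__ == "__main__":
    print("\n".join(report(SAMPLE)))
```

Redirecting real output to a file (`netstat -abno > listeners.txt`) and passing that file's text to `report()` gives the same table for a live machine.
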
Daniel0 Posted November 3, 2007

Duh, if they can't listen to the ports then they obviously won't work!

Also, could someone change the tag to a tag to enable overflow:auto;?

Azu Posted November 5, 2007

Thanks so can anyone try to help? That would be very nice ^^

steelmanronald06 Posted November 5, 2007

Yeah, I'll help:

http://www.linklogger.com/TCP1025.htm
http://www.grc.com/port_135.htm
http://www.iss.net/security_center/advice/Exploits/Ports/135/default.htm
http://www.governmentsecurity.org/archive/t10781.html
http://img233.imageshack.us/img233/3961/dumbassju0.jpg
http://www.google.com/search?source=ig&hl=en&rlz=&q=port+135&btnG=Google+Search
http://www.google.com/search?source=ig&hl=en&rlz=&q=port+1025&btnG=Google+Search
http://searchsecurity.techtarget.com/ateQuestionNResponse/0,289625,sid14_cid466459_tax292733,00.html
http://www.computing.net/security/wwwboard/forum/15531.html
http://blog.spikesource.com/fuser_netstat.htm

Daniel0 Posted November 5, 2007

lol

Azu Posted November 6, 2007

Thanks for trying to be helpful. I'm not sure how to use any of have to make these services stop listening on those ports though? I'm pretty sure that they don't NEED to be listening on them, since my computer doesn't crash if I unplug my modem.

So if someone could please actually try to answer my question instead of just being a smartass troll, that would be greatly appreciated ^^

TheFilmGod Posted November 6, 2007

Port 135 (googled and found this)

Name: dcom-scm
Purpose: DCOM Service Control Manager
Description: Microsoft's DCOM (Distributed, i.e. networked, COM) Service Control Manager (also known as the RPC Endpoint Mapper) uses this port in a manner similar to SUN's UNIX use of port 111. The SCM server running on the user's computer opens port 135 and listens for incoming requests from clients wishing to locate the ports where DCOM services can be found on that machine.
Related Ports: 111

Background and Additional Information:

Port 135 is certainly not a port that needs to be, or should be, exposed to the Internet. Hacker tools such as "epdump" (Endpoint Dump) are able to immediately identify every DCOM-related server/service running on the user's hosting computer and match them up with known exploits against those services.

Any machines placed behind a NAT router (any typical residential or small business broadband IP-sharing router) will be inherently safe. And any good personal software firewall should also be able to easily block port 135 from external exposure. That's what you want.

In addition, many security conscious ISPs are now blocking port 135 along with the notorious "NetBIOS Trio" of ports (137-139). So even without any of your own proactive security, you may find that port 135 has been blocked and stealthed on your behalf by your ISP.

Going Further: Closing port 135

The widespread exposure and insecurity of this port has generated a great deal of concern among PC gurus. This has resulted in several approaches to shutting down the Windows DCOM server and firmly closing port 135 once and for all. Although applications may be "DCOM enabled" or "DCOM aware", very few, if any, are actually dependent upon the presence of its services. Consequently, it is usually possible (and generally desirable if you're comfortable doing such things) to shut down DCOM and close port 135 without any ill effects. (The fewer things running in a Windows system, the fewer things to suck up RAM and slow everything else down.)

If you are curious about taking control of and terminating another unnecessary Windows "service", the following links will provide you with the information and instructions you'll need:

Port 1025: (Googled and found this)

Name: blackjack
Purpose: network blackjack
Description: Microsoft operating systems tend to allocate one or more unsuspected, publicly exposed services (probably DCOM, but who knows) among the first handful of ports immediately above the end of the service port range (1024+).
Related Ports: 1024, 1026, 1027, 1028, 1029, 1030

Background and Additional Information:

The most distressing aspect of this, is that these service ports are wide open to the external Internet. If Microsoft wants to allow DCOM services and clients operating within a single machine to inter-operate, that's fine. But in that case the DCOM service ports should be "locally bound" so that they are not wide open and flapping in the Internet breeze. This is trivial to do, but Microsoft doesn't bother. Or, if there might be some reason to have DCOM used within a local area network, DCOM traffic could be generated with packets having their TTL (time to live) set down to one or two. This would allow DCOM packets complete local freedom, but they would expire immediately after crossing one or two router hops. The point is, there are many things Microsoft could easily do if they had any true concern for, or understanding of, Internet security.

Who knows what known or unknown, discovered or yet to be discovered vulnerabilities already exist in those exposed servers and services? This is PRECISELY the situation which hit end users who didn't realize they were running a personal version of Microsoft's IIS web server when the Code Red and Nimda worms hit them and installed backdoor Trojans in their systems. And it's IDENTICAL to the situation when the SQL Slammer worm ripped across the Internet and tens of thousands of innocent end users discovered, to their total surprise, that some other software (Here's an off-site link to SQL-installing applications.) had silently installed Microsoft's insecure and now exploited SQL server into their machines, and that server had silently opened their ports 1433 and 1434 to the entire Internet.

If you are reading this page because our port analysis has revealed that you have open ports lying between 1024 and 1030, it would certainly be in your best interests to configure your personal firewall to block incoming connection requests (TCP SYN packets) to those low-numbered ports. Unfortunately, since Windows initially initiates outgoing connections from this same low-numbered port range (as the first ports it uses immediately after booting), you may need to be careful with the configuration of your firewall rules. Otherwise you may find that the first several outbound connection attempts made by Windows will fail because returning traffic has been blocked at your firewall.

However, any good stateful personal firewall, such as Zone Alarm and probably others, ought to block these low-numbered ports automatically. And, of course, placing any network behind a NAT router provides extremely good hardware firewall protection for your system(s).

Do not ask me or anyone else to explain this. We don't know **** about these ***** ports anymore than you do.

Azu Posted November 6, 2007

Thank you! I'm still not sure how to make it stop listening on the port without killing the process though (which I've already explained I can't do since lots of things on my computer are dependent on that process)

neylitalo Posted November 6, 2007

> Thank you! I'm still not sure how to make it stop listening on the port without killing the process though (which I've already explained I can't do since lots of things on my computer are dependent on that process)

A firewall.

Azu Posted November 6, 2007

Sorry I forgot to say, I already have one. The problem is that these services are still listening on these ports, and this can be dangerous especially if the firewall is not 100% perfect and something gets through. So I am trying to find a way to make these services stop accepting outside connections on these ports (especially the RPC service since it controls a lot of stuff that happens in Windows)

jcombs_31 Posted November 6, 2007

really, you're an idiot. Stop asking questions that you can't accept answers for.

Azu Posted November 6, 2007

Thank you for trying to be helpful, I really appreciate it. I'm not sure who posted the answer or where though, could you please tell me?

In case you missed it, my question is how do I prevent the RPC service from trying to accept outside connections (obviously besides KILLING the RPC service). In other words so that it will stop trying to listen on port 135.

Please forgive me for being such an idiot and being inferior to you, I just can't find where anybody has told me how to actually do this, so please tell me where, that would be very nice.

Also you might want to look into www.alt.com if you like to try to insult people and put them down. This forum is not really meant for that ^^

trq Posted November 6, 2007

Block the ports with your firewall.

steelmanronald06 Posted November 6, 2007

http://www.windowsecurity.com/articles/Customizing-Windows-Firewall.html

there! that wasn't too fucking hard. took 2 minutes on Google, and only because my internet is running slow.

Also, a word of caution. Both of those ports are open because of Windows. Closing them COULD stop some core Windows services. You will really just need to block them and see what happens. Personally, I don't see what the big deal is about them being open.

Also, if you had a router you could restrict the ports that way. but don't ask us to explain that here. We don't know what router you have, and don't want to learn about it just to help. Google is great or the manual.

Azu Posted November 6, 2007

Sorry I forgot to say, I already have one. The problem is that these services are still listening on these ports, and this can be dangerous especially if the firewall is not 100% perfect and something gets through. So I am trying to find a way to make these services stop accepting outside connections on these ports (especially the RPC service since it controls a lot of stuff that happens in Windows)