- — HOW-TO: Make Windows 7 Boot Faster
- — TWEAK: Filter Unread Emails in Gmail
- — MODS: Popcorn Hour C-200 (PCH-C200) Heatsink Mod
- — HOW-TO: Install Windows 7 Using a USB Flash Drive
- — TWEAK: Larger Active Tab in Firefox
- — TIP: Browser Plugin Check for Firefox
- — FAQ: Mouse Randomly Freezing in Windows 7
- — TWEAK: Make Torrents Download Faster
- — FAQ: ACPI Multiprocessor HAL Upgrade Script
FAQ: Disable Port 135 (Disable DCOM)
"There’s No Such Thing As A Silly Question" -- does the cliche sound familiar? In this part of pimp-my-rig reloaded, technical questions are answered. Mail them to me and I will post the answers here. If you have a better answer, by all means share it with us.
FAQ: One of the questions thrown at me was about closing down port 135. This of course entails disabling the corresponding application using the port, which, in this case is DCOM. Thus this procedure is also for disabling DCOM.
NOTE: Remember, before making any changes backup the registry or export the branch for safekeeping. Simply merge the backup in case things don't go as smoothly.
[1] Start by launching the registry editor. Start » Run » regedit.
[2] Navigate over to key: HKEY_LOCAL_MACHINE \ Software \ Microsoft \ OLE
At the right column, locate the value "EnableDCOM" and modify the value to "N".
[3] Navigate to this registry key: HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ RPC
Right click on & Modify the value named "DCOM Protocols" Under the key "Value Data", you will see values like below (or something similar). These values keep port 135 open. Highlight everything listed and delete all existing data. Doing so gives "DCOM Protocols" blank data which will in turn close down port 135.
[4] It is now safe to disable the services related or tied to DCOM. Open Control Panel » Administrative Tools » Services. Disable the following services since DCOM has been disabled:- COM+ Event System
- COM+ System Application
- System Event Notification
[5] Restart the computer after changes have been made. To verify, when your computer has restarted open a command terminal.
Type "netstat -an" and for certain you will no longer see port 135 -- meaning it has been closed. Hope this has helped you in finally closing down port 135, thereby eliminating a possible vulnerability.
In my experience, this has no impact on office applications or internet connectivity. If running other applications, consult with the vendor for requirements relating to port 135 (or DCOM) before closing it down.
Check with us again soon as we will outline how to close down port 137 (netbios-ns), port 138 (netbios-dgm) and port 139 (netbios-ssn).
You might also be interested in:
Feedback
We at pimp-my-rig strive to keep on improving, help us reach that goal by leaving comments or constructive criticisms. Don't miss out on our next feature -- subscribe via RSS (What is RSS?).
5 comments:
Hi. I followed the steps you outlined here (deleted the registry info and closed the services) but when I restarted by computer, port 135 is still open and listening. Any ideas?
Thanks for your interest in the post.
If you happen to be running Windows 7, the above post is no longer applicable.
Follow the procedure outlined in: http://technet.microsoft.com/en-us/library/cc771387.aspx
For me worked this:
on W7 i follow steps from above MS technet article plus delete every default protocols listed (in consolle not by using regedit).
No services for now has been stopped i will investigate on this because on a dummy W7 stopping services made machine unstable after rebooted.
hope this could help as you helped me! bye! Pasquale
please also consider disable netbios and lmhost for complete the trick
@Pasquale: thanks!
Post a Comment