how to disable port 135 please... step by step guidance?

1. Install a firewall
2. Post to the proper newsgroup - this one is for IIS (a web server)
security

--
--Jonathan Maltz [Microsoft MVP - Windows Server]
http://www.imbored.biz - A Windows Server 2003 visual, step-by-step
tutorial site :-)
Only reply by newsgroup. If I see an email I didn't ask for, it will be
deleted without reading.


[quoted text, click to view]

On Mon, 28 Jul 2003 02:38:25 -0700, "Budi" <suisoga@hotmail.com>
[quoted text, click to view]

Try a more generic security group, or Google "close port 135".

[quoted text, click to view]

Budi,
you cannot disable port TCP135 on Windows OS or many system fundamental
components relaying on it will stop working properly. But since new RPC
exploit (DoS and remote privileges escalation) is around and it works very
well, it's legitimate ask how to protect this port for an unshielded web
server (your scenario, probably).

As said you cannot disable port TCP135, but you can protect it implementing
a new firewall or an access control list (ACL) on your actual router.
Implementing a firewall can be a little pain since it requires buying extra
hardware and configuring and mantaining it, if you don't have it. If you
already have it, create a rule that:
DENY - FROM INTERNET - ALL TRAFFIC - TO YOUR WEB SERVER - TO YOUR PORT
TCP135

A much simplier method would be acting on your router (since you have it
for sure) and implement a similar rule, with router syntax. But isn't sure
your router can have ACL of some sort: you need to investigate about it.

If you'll be more specific about your scenario could receive more specific
help from this newsgroup.
But since hardening operating system is something not directly related to
IIS, I suggest posting some follows on
microsoft.public.windows.server.security

--

Alessandro Perilli
Security Consultant / Trainer

MCT - MCSE 2000 SECURITY - LINUX+
CCSI - CCSE 2000 - CCSE+ NG
CCNA - CIWP - CIWSA - CCA XP