port 135

[newsgroup reader]

I am under the impression that port 135 is used for authentication. I'm not
sure to what extent (application, user, machine, etc). Anyone know what's
going to happen (ie likely trouble spots) if communication on port 135 is
blocked on an internal network ?

From the outside in, would things like OWA and SQL have any difficulties ?

any feedback appreciated

Bill

 

[Steve Duff [MVP]]

135 is used by Netbios and RPC services as an initial starting point
for assorted upper-layer communications (including DCOM.)

I've never tried it, but I would advise against blocking that port
on your LAN as it will likely lead to significant application failures in
rather 'unusual' ways, including long timeout delays, etc.

It should always be blocked at the border firewall of course -- it
is a popular attack point.

Blocking 135 would affect at least DTC and thus SQL
Server. Blocking 135 would definitely break OWA since RPCs
are used extensively by ES.

Steve Duff, MCSE
Ergodic Systems, Inc.

 

[Steve Parry [MVP]]

I am under the impression that port 135 is used for authentication.
I'm not sure to what extent (application, user, machine, etc). Anyone
know what's going to happen (ie likely trouble spots) if
communication on port 135 is blocked on an internal network ?

From the outside in, would things like OWA and SQL have any
difficulties ?

any feedback appreciated

Bill

http://www.grc.com/dcom/

 

[Guest]

I blocked port135 on our LAN when the last really bad
virus hit. This is not a good thing, do not do it.
Fortunately, it was a test as we were being slammed with
hits from the virus. Domain operations fail.