SP2 and Port 135

R

Rob

Installed SP2 on one of my PCs as a test:
Before and after the update, I ran a security check (from
the web site of a major anti-virus software company) and
found that BEFORE the update, I was clean, but afterwards,
something called Port 135 (location service?) had been
left open.
I was (in their opinion) vulnerable to attack, even with
their firewall (and microsoft's new improved firewall)
running.

Is this by design? If so, how does this benefit me?
 
Q

Quaoar

Rob said:
Installed SP2 on one of my PCs as a test:
Before and after the update, I ran a security check (from
the web site of a major anti-virus software company) and
found that BEFORE the update, I was clean, but afterwards,
something called Port 135 (location service?) had been
left open.
I was (in their opinion) vulnerable to attack, even with
their firewall (and microsoft's new improved firewall)
running.

Is this by design? If so, how does this benefit me?
Click to expand...

Check that the Messenger Service (Control Panel, Administrative Tools,
Services) is Disabled. It uses Port 135 for broadcast. Port 135 is
also used for blaster worm propagation, but SP2 is supposed to be fixed
to prevent it. UDP port 135 is used for several network services also.
You can close the port in TCP/IP properties for the connection, General
tab, Advanced button, Options tab, TCP/IP filtering properties. See if
you have any communication problems.

Q
 
R

Rob

Messenger Service?
Is this the "Messenger" (internal) or the "windows
messenger" (that I don't want!)

Thanks.....
 
Q

Quaoar

Rob said:
Messenger Service?
Is this the "Messenger" (internal) or the "windows
messenger" (that I don't want!)

Thanks.....
Click to expand...

Messenger Service, not Windows Messenger. Google: remove Windows
Messenger for a procedure to remove it also.

Q
 
T

Torgeir Bakken \(MVP\)

Rob said:
Installed SP2 on one of my PCs as a test:
Before and after the update, I ran a security check (from
the web site of a major anti-virus software company) and
found that BEFORE the update, I was clean, but afterwards,
something called Port 135 (location service?) had been
left open.
I was (in their opinion) vulnerable to attack, even with
their firewall (and microsoft's new improved firewall)
running.

Is this by design? If so, how does this benefit me?
Click to expand...
Hi

Check what firewall exceptions is enabled in the FW configuration.
If e.g. the File & Print Sharing exception is enabled, port 135
will be open.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Closing port 135 and disabling DCOM affect Task Scheduler? 3
Computer Virus? 16
blocking streaming audio and/or video 4
Inability to access FTP sites 2
Too many connection on port 135 and some security questions 4
Internet Connection Issues 4
SP2 via Update V5 with Sygate Firewall. 10
XP file shares and SP2 2

Top