Internet TCP port 135 is primarily used by Microsoft Windows for the Distributed Component Object Model (DCOM) service, which supports communication among objects across a network. This port is also associated with the Microsoft Endpoint Mapper, a service that resolves RPC interfaces. Additionally, it is used by the Microsoft Exchange Server, a mail and calendaring server developed by Microsoft. However, due to its association with various security vulnerabilities, it is often targeted by malware and should be secured properly.
TCP port 135 is associated with Microsoft's Distributed Component Object Model (DCOM) services. In the past, it has been exploited by hackers to spread malware or conduct Denial of Service (DoS) attacks. Notably, the Blaster Worm in 2003 exploited this port to spread across the internet, causing significant disruption. Additionally, port 135 has been used in targeted attacks to gain unauthorized access to systems by exploiting vulnerabilities in the DCOM interface. Hackers often scan for this port to identify potential targets, as it is commonly left open, making systems more susceptible to attacks. Therefore, it is recommended to block this port if DCOM services are not required.
