I've been unable to close it with Windows 10 Firewall. DCOM was disabled through DCOM Config, but that didn't prevent my SYN scan to detect port 135 as open (locally, not remotely) and detect OS with decent accuracy.
disabling dcom breaks tons of stuff firewall it instead so nothing outside ur computer can connect 2 port 135
DCOM is ancient mode for system in windows 10 is just native if disable no conflict with new programs just if use old programs who use DCOM components.
There is dozen of services listening, how come you are worried only about the port 135? By default, Windows Firewall blocks inbound, so nothing can connect to it, unless you allow it.
I disable a ton of services, so port 135 thus far is the only one listening. I don't quite understand how Windows 10 Firewall works of if it works at all. For example, DHCP is blocked (both inbound and outbound, TCP and UDP) for all PC's on my network, but none of those PC's are configured to use static local IP's. All of them continue to use DHCP even though Windows 10 firewall supposedly blocks it. Perhaps router NAT overwrites Windows 10 Firewall settings. I have no idea... Third party firewalls do work, but the free ones I tried, like TinyWall, block everything and force you to unblock program by program, but that doesn't work either. No matter what I do, if TinyWall is running, internet won't work. I added browsers and almost every EXE I could to exclusion list, but TinyWall keeps blocking everything eternally. I also found it impossible to uninstall. It preserves itself as a service, a service that cannot be stopped or deleted, even with TrustedInstaller privileges... Where can I download a list of typical Windows 10 firewall PowerShell rules for security? For example, it is usually advised to disable Multi-Home/Parallel DNS (IGMP), ICMP (pinging), NetBIOS ports, DCOM and DCOM port (135). I am sure there are many others, but again, I don't understand firewalls. Windows-based firewall doesn't seem to do anything while 3rd party firewalls block everything with exclusion lists doing absolutely nothing. NAT firewalls are the same way. My ISP-provided modem is set prevent public IP pinging and my personal router is set to do the same, but that does not prevent my public IP from being pingable. Setting either of those routers in Bridged Mode doesn't help the situation either.
I believe, DHCP uses svchost.exe via ports 67/68, but I have not used DHCP in years so not sure what else. Unless you have disabled DNS Client, you need to allow svchost.exe for UDP via port 53 to allow DNS requests.
If you IPS is with enabled NAT protocol then search in router this similar option (ICMP Echo Attack) when this enable then router no allow ping ip adress from out.
That is what I thought, but if you block the entire connection, ICMP Echo should also be blocked. It is strange because pinging my public IP from local network results in 100% response, but pinging from a website (or from outside of my network) results from 100% packet loss. I asked a friend to ping me from his PC (outside of my network) and it also resulted in 100% packet loss. Therefore, it does work, but not when testing from local IP.
Maybe try this from cmd add firewall rules for inbound if use windows defender firewall. Code: netsh advfirewall firewall add rule name="STOP TCP port 135 listening" protocol=TCP dir=in localport=135 action=block enable=yes I just get this when use command Code: netstat -n -a | findstr "LISTENING" | findstr ":135" Code: TCP 0.0.0.0:135 0.0.0.0:0 LISTENING TCP [::]:135 [::]:0 LISTENING
Code: STOP TCP port 135 listening wf wont stop the port listening it will stop the port being connected 2 ie after doing ur cmd try telnetting 2 port 135 from another computer spoiler: it wont connect
Thanks! I am figuring out Windows 10 Firewall now. The non-Advanced portion of it still makes no sense because "Allowed Apps" are not necessarily allowed. It just means a rule exists for them, but that rule, in Advanced Settings, can be set to "blocked". Even if an App is set to Blocked, it can still be listed as allowed in simple settings Advanced Settings make sense and they work. In Advanced Settings, if I block either (or both) "Core Networking - DNS" or "Core Networking DHCP", Internet will not work.
I think I will need to relearn everything once I get my Sophos hardware firewall and replace my iPhone with Ncryptcellular secure phone. I think I will also need to stop using Comcast for broadband ISP and stop using AT&T for cellular ISP because both of them refuse to accept the new decentralized offshore cryptocurrencies. Then I can host my own files via Nextcloud without having to rely on Apple's services and having them be yet another MITM party, but maybe that is when port 135 will become of significance.
I don't know butl ocal port 135 is not very important. port 135 is used in client/server applications (might be on a single machine) such as Exchange clients, the recently exploited messenger service, as well as other Windows NT/2K/XP software