EPMAP listening "is this a problem"

Hiya folks when i look at firewall active connections i have a svchost listening on port 135,which i have found out this is epmap(end point mapping).Can this port be closed as i have read it is used by hackers often.If so how can it be closed permanantly and will it be at detriment to my system.

I cannot terminate the port using the terminate connection method in the interface,any suggestions or advise would be much appreciated.

Kind regards Matty ???


There are a number of ways to disable this service and port, either by making changes to some registry keys, or by using one of the many utilities available:

The manual way:

  1. Run “Dcomcnfg.exe” from the Start menu “Run.” item.
  2. Select the following: Component Services → Computers → My Computer
  3. Right Click and select the Properties menu item
  4. Select the Default Properties tab
    Uncheck “Enable Distributed COM on this computer” option.
  5. Select the Default Protocols tab
    Remove “Connection-oriented TCP/IP” from the list of DCOM protocols.

It is also possible do the same directly by editing the registry.

  1. Run “regedt32.exe” from the Start menu “Run.” item.
  2. Select the key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole”
    Set the value “EnableDCOM” to “N”.
  3. Select the key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc”
    Edit the value “DCOM Protocols”. This may contain a number of strings.
    Delete the string “ncacn_ip_tcp”

The utility way:

Download either of the following:

Seaconfig XP : Download
Security and Privacy Complete : Downloads

Toggie–your an absolute star.Many thanks from cold+frosty Manchester/England (:CLP)

After a reboot its gone,excellant

ps. did it the registry way(im learning)