port 135 epmap port 1025 lsaa

I have been trying to secure my network connection. I have followed some advice and now have port 135 epmap bound to the loopback adapter (127.0.0.1). lsaa port 1025 is aslo bound to the loopback adapter. I just wonder if this is correct.

 

Hi John Mc,
Could you first please let me know as to where you where given this advice. Could you then tell me which firewall you have installed. TIA

Port 135 is bound (on default) to DCOM RPC, an easier approach to block this is to use WWDC

I am not 100% on

Are you referring to lsass?

 

I'm using filseclab. I was following advice from a few different IT sites that after you disable netbios to bind rpc to loopback using microsoft's rpccfg.exe. My (limited} understanding is that it basically disables rpc from listening on port 135. I was totally unaware of the program WWDC and was trying to do this manually.. My mistake lsass. As far as lsass, I was just curious because it also seems to be conected to 127.0.0.1 on port 1025. Lastly thanks for your help on this and a question I Had a few days ago about Filseclab and Shareaza.

 

lsass, this I personally disable within services, [IPSEC services], untill I find a reason not to, it will stay disabled.