The Transmission Control Protocol (TCP) is a communication standard used globally to ensure the reliable transmission of data between computers and devices. Ports are numbered so they can be used systematically. As discussed in the article “What port does remote assistance and remote desktop use?”, specific ports enable a program to remotely access a computer or digital device connected to a TCP network. An example of using a dedicated port is looked at in-depth in our “Remote Desktop Protocol” article.
TCP port 135 is the Remote Procedure Call (RPC) Endpoint Mapper service. It enables other systems to identify what services are available on a machine and on which port they can be found. Essentially it allows a system unfettered access to a target system.
In answer to the question of what type of service typically runs on TCP port 135, we can say that its legitimate use is primarily for remote access and remote management.
Ports can be opened or closed to enable or disable data to flow between devices. Just like a door in your home, if left open, can potentially let anyone in, so can TCP port 135.
This poses a problem with a TCP port 135 vulnerability that can theoretically enable hackers or unauthorized users to access a computer system. If the port is left open, strong authentication measures need to be implemented on a given system to limit access to services by unauthorized users. Extreme caution needs to be taken when opening port 135 to ensure a system’s security.