Windows TCP Port 135 plays a critical role in the communication framework of Microsoft Windows systems, especially within distributed environments such as those using DCOM (Distributed Component Object Model) and RPC (Remote Procedure Call). If you've ever asked "what is Windows TCP port 135", this guide will answer all your questions — from its function and use cases to vulnerabilities, and how to check or close it for better system security.
What is Windows TCP Port 135 Used For?
TCP Port 135 is primarily used by Microsoft RPC services, which allow software on a computer to execute code on a remote system. This port enables applications and services to communicate over a network and is a key element of Windows communication architecture.
In simpler terms, if one Windows machine needs to talk to another — whether for file sharing, service requests, or system updates — port 135 is often involved.
What Is Windows TCP Port 135 Windows 10 and Why Is It Important?
To fully understand what is TCP port 135 used for, we need to explore its background in RPC-based communication. RPC services use port 135 to:
-
Establish initial communication between client and server.
-
Negotiate which dynamic ports to use for further communication.
-
Support operations like file sharing, printing, and Active Directory.
This port is especially relevant in enterprise networks where automation and remote service control are required. Many Windows services depend on port 135 to function correctly.
What Is Port 135 Used for in Windows 10?
Port 135 is not a new invention — it's been part of Windows for decades. In Windows 10, port 135 continues to be used for:
-
Service Control Manager communications.
-
DCOM-based applications.
-
Various Windows services that initiate connections dynamically.
In fact, Windows port 135 is critical in allowing Windows 10 systems to integrate with legacy systems and enterprise tools, including Active Directory.
Port 135 and Active Directory
Now that you know what is Windows TCP Port 135, A notable use case of TCP port 135 in Windows is its role in Active Directory environments. Port 135 helps the domain controller negotiate RPC communications, enabling:
-
User authentication
-
Group policy application
-
Active Directory replication between servers
If you’re managing a domain, disabling this port could prevent your systems from functioning properly.
Port 135 Vulnerabilities: Is It Safe?
Port 135 is often flagged as a security vulnerability — and with good reason. Due to its use in remote execution, it's a common target for exploits and malware, including:
-
Blaster worm
-
Sasser worm
-
Remote execution attacks
Known Risks:
Vulnerability |
Impact |
Remote Code Execution |
Attackers can run code on your system |
DDoS amplification |
Systems can be abused in reflection attacks |
Unauthorized access |
Exposes sensitive Windows services |
If you don’t need port 135 for remote management or Active Directory, it’s best to block or limit access.
How to Check if Port 135 Is Open
You learned all about what is Windows TCP Port 135 so far. Knowing whether TCP port 135 is open is essential for both troubleshooting and security assessment. An open port can be a potential entry point for attacks, so verifying its status should be part of regular system audits.
Using Command Prompt
You can use the classic netstat command to scan for active ports. Open Command Prompt and run:
netstat -an | find "135"
This will return a list of current TCP and UDP connections that include port 135. If you see results showing LISTENING or ESTABLISHED, it means the port is open and in use.
PowerShell
For a more modern and scriptable approach, use PowerShell:
Test-NetConnection -Port 135 -ComputerName localhost
This command tests if port 135 is reachable on your machine (or any remote machine, if you change the computer name). It provides a more detailed response including the result, source address, and response time.
Online Port Scanners
External port scanners are useful when you want to check the exposure of your system to the internet. Tools like ShieldsUP!, Nmap, or web-based scanners can probe your public IP to see if port 135 is visible externally — a major concern if you are running services from home or on a public-facing server.
If you're managing remote systems, especially on VPS environments, check our related article on What is RDP Port to better understand which ports are critical for secure remote access.
How to Close Port 135
If you find that TCP port 135 is open and not required for your setup, closing it is a smart move to reduce potential attack surfaces. Disabling this port can help mitigate several well-known vulnerabilities, especially those related to remote code execution or lateral movement within a compromised network.
Steps to Close TCP Port 135 on Windows
1. Open Windows Defender Firewall
Search for it in the Start menu or navigate via Control Panel > System and Security > Windows Defender Firewall.
2. Click on Advanced Settings
This opens the Windows Firewall with Advanced Security console, where you can define rules for inbound and outbound traffic.
3. Choose Inbound Rules
On the left-hand side, click on “Inbound Rules” to manage which incoming connections are allowed.
4. Locate and Disable RPC-Related Rules
Scroll through the list and look for rules related to RPC Endpoint Mapper or specifically port 135. You can sort by port number to find it faster.
-
Right-click the rule.
-
Choose Disable Rule or delete it if you're sure it's unnecessary.
5. Repeat for Outbound Rules (If Necessary)
Depending on your environment, you may also need to restrict outbound communications through port 135. Repeat the same process under the “Outbound Rules” section.
Important Warning
Blocking port 135 can disrupt essential Windows services, especially in business or domain-based environments. Features like Active Directory, remote management, and certain Windows updates may stop functioning correctly. It’s highly recommended to:
-
Test changes in a development or staging environment first.
-
Document all modifications.
-
Monitor system behavior after the change.
Use Cases: What Is Port 135 Commonly Used For?
Port 135 may seem like just another number in the long list of TCP ports, but it serves essential functions in modern Windows environments. It acts as a communication facilitator between various services and components, particularly those that require remote interaction or system-level coordination. Below are the most common use cases of what is TCP 135 used for that highlight the real-world importance of port TCP 135:
Remote Procedure Call (RPC)
The core purpose of TCP port 135 is to support Remote Procedure Call (RPC) operations. When a client application wants to call a service or function located on a remote system, it uses RPC to initiate this communication. Port 135 is used for the initial contact phase, allowing the client and server to negotiate a dynamic port for further data exchange.
DCOM Applications
DCOM (Distributed Component Object Model) is a Microsoft technology that allows software components to communicate over a network. It extends the Component Object Model (COM) to support distributed applications. When a DCOM-based application starts a remote session, it uses port 135 to query the endpoint mapper service on the target system. The mapper then directs the connection to the correct port assigned to the target application.
Active Directory
In enterprise networks, Active Directory is the backbone of authentication, user management, and access control. When domain-joined devices connect to a domain controller, they often rely on RPC and DCOM mechanisms — all of which kick off using TCP port 135. Port 135 is indispensable in maintaining seamless communication between Windows servers and clients within a domain.
Remote Management
IT administrators frequently use remote tools to manage servers and workstations — especially in large, distributed networks. Whether it’s Windows Management Instrumentation (WMI), remote PowerShell, or third-party systems management tools, port 135 plays a key role in initiating connections. These tools often depend on RPC communication to start sessions or collect system data.
Need a stable environment for Windows applications? Explore our Buy Windows VPS plans.
Final Thoughts
Understanding what is Windows TCP port 135 helps you appreciate both its importance and the associated security risks. Whether you're managing a home server or a full enterprise network, knowing what TCP port 135 is used for — and how to manage or block it — is essential for maintaining operational efficiency and cybersecurity.
If you're using Windows systems remotely or on cloud infrastructure, don't forget to review other related ports like those used by RDP and consider upgrading to a Windows VPS for better control and isolation.