Ensure that Google Cloud VPC network firewall rules do not allow unrestricted access (i.e. 0.0.0.0/0) on TCP port 135. This reduces the attack surface and protects the virtual machine (VM) instances targeted by these firewall rules. Remote Procedure Call (RPC) TCP port 135 is used for client-server communications managed by Microsoft Message Queuing (MSMQ) and other Microsoft Windows software solutions.
Allowing unrestricted ingress (inbound) access on TCP port 135 (RPC) through VPC network firewall rules increases the opportunities for malicious activity such as hacking (e.g. backdoor command shell), ransomware attacks, and Denial-of-Service (DoS) attacks. Configure VPC firewall rules so that access to specific resources is restricted to only those hosts or networks that have a legitimate requirement for it.
To determine if your Google Cloud VPC firewall rules allow unrestricted access on TCP port 135, perform the following actions:
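One way to automate this check, as an added example that is not part of the original page: the script below inspects firewall rules in the JSON shape returned by `gcloud compute firewall-rules list --format=json` and reports enabled ingress rules that admit 0.0.0.0/0 to TCP port 135. It goes slightly beyond an exact-port match by also catching port ranges, TCP rules with no port list, and `all`-protocol rules; the rule names and sample data are constructed.

```python
import json
import sys

# Constructed sample shaped like `gcloud compute firewall-rules list --format=json` output.
SAMPLE_RULES = [
    {"name": "allow-rpc-any", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["135"]}]},
    {"name": "allow-range-any", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["100-200"]}]},
    {"name": "allow-all-any", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "all"}]},
    {"name": "allow-rpc-corp", "direction": "INGRESS", "sourceRanges": ["203.0.113.0/24"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["135"]}]},
    {"name": "allow-web-any", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["80", "443"]}]},
    {"name": "old-rpc-disabled", "direction": "INGRESS", "disabled": True,
     "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["135"]}]},
]
RPC_PORT = 135

def spec_covers(spec, port):
    """True if a port spec such as "135" or "100-200" includes the port."""
    low, _, high = spec.partition("-")
    return int(low) <= port <= int(high or low)

def allows_tcp(allowed, port):
    """True if any 'allowed' entry permits the given TCP port."""
    for entry in allowed:
        proto = entry.get("IPProtocol", "").lower()
        if proto == "all":
            return True
        if proto in ("tcp", "6"):
            ports = entry.get("ports")  # a missing port list means every port
            if not ports or any(spec_covers(p, port) for p in ports):
                return True
    return False

def unrestricted_rpc_rules(rules):
    """Names of enabled ingress rules exposing TCP 135 to 0.0.0.0/0."""
    return [r["name"] for r in rules
            if not r.get("disabled")                      # disabled rules are not enforced
            and r.get("direction", "INGRESS") == "INGRESS"
            and "0.0.0.0/0" in r.get("sourceRanges", [])
            and allows_tcp(r.get("allowed", []), RPC_PORT)]  # deny rules have no 'allowed'

if __name__ == "__main__":
    # Pipe real gcloud JSON on stdin, or run interactively to use the constructed sample.
    rules = SAMPLE_RULES if sys.stdin.isatty() else json.load(sys.stdin)
    for name in unrestricted_rpc_rules(rules):
        print(name)
```

The script evaluates each rule in isolation and does not account for higher-priority deny rules that may shadow a flagged allow rule, so treat its output as a list of rules to review.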
Remediation / Resolution
To update your VPC network firewall rules configuration in order to restrict Remote Procedure Call (RPC) access to trusted entities only (i.e. authorized IP addresses or IP ranges), perform the following actions:
Check for Unrestricted RPC Access
Risk level: High