I'm running a Windows Server 2003 with Windows Firewall. It runs IIS as FTP and HTTP server.
Instead of opening ports 21 and 80 at the firewall, I decided to add "inetinfo.exe" (IIS) to the exception list - which should be about the same.
However, I noticed that when I do that and run Shields up test (at www.grc.com
), the system has port 135 opened. If I take inetinfo.exe out of the exception list, the port closes.
What I'd like to know is: is there a problem in leaving port 135 opened on the server? Are there any security issues related to that?
Thanks in advance,