Ensure that Microsoft Azure network security groups (NSGs) do not allow unrestricted access (i.e. 0.0.0.0/0) on TCP port 135 in order to implement the principle of least privilege and effectively reduce the attack surface. Remote Procedure Call (RPC) TCP port 135 is used for client-server communications by Microsoft Message Queuing (MSMQ) as well as other Microsoft Windows/Windows Server software.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
Allowing unrestricted RPC access on TCP port 135 can increase opportunities for malicious activities such as hacking (backdoor command shell), ransomware attacks and denial-of-service (DoS) attacks.
To determine if your Azure network security groups allow unrestricted access on TCP port 135 (RPC), perform the following actions:
Remediation / Resolution
To update your Azure NSG rule(s) configuration in order to restrict Remote Procedure Call (RPC) access to trusted entities only such as administrator IP addresses, perform the following actions:
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Check for Unrestricted RPC Access
Risk level: High