Resolving Issues with Stealth TCP Port EPMAP

  • Thread starter mmwave
  • Start date
  • Tags
    Issues
In summary, the conversation discussed a TCP port epmap attack on port 135 which is a common attack point for viruses and worms. The speaker's firewall seems to block these attacks but they are still receiving notifications. They also mentioned disabling unnecessary processes such as ClipBook, Fax, Net Logon, and Messenger, which may have slowed down the attacks. However, the speaker is not sure if it actually helped or if the hackers just took a break. They also mentioned that their computer seems to be booting up faster since disabling these processes.
  • #1
mmwave
647
2
Hi,

Can someone tell please what is a stealth TCP port epmap and why they keep happening to my computer?
 
Computer science news on Phys.org
  • #2
Since there were no replies here's what I've learned in the meantime:

The TCP port epmap attack is occurring on port 135 and that is the number one (by far) most common attack point for virus & worm attacks world wide. They usually cause Denial of Service attacks. My firewall seems to block them but I'm sick of seeing the message pop up.
 
  • #3
Have you tried turning your remote messaging off? If you have a standalone computer (as opposed to a LAN) you don't need it.
 
  • #4
That sounds good. Which process is it exactly? I don't find it among my processes. After investigating this problem I disabled a bunch of unnecessary & risky processes like ClipBook, Fax, Net Logon and Messenger. I thought for a while this eliminated the epmap attacks but it only seems to have slowed them down (or else many hackers took the weekend off). (Oops, there goes one now!)

The computer seems faster booting up since I deleted those processes but it could be wishful thinking on my part.
 

Related to Resolving Issues with Stealth TCP Port EPMAP

1. What is Stealth TCP Port EPMAP?

Stealth TCP Port EPMAP (Endpoint Mapper) is a network service that runs on Windows operating systems and is used for remote procedure calls (RPC) between computers. It allows communication between different computers on a network and is typically used by hackers to gain unauthorized access to a system.

2. How do I know if my system is vulnerable to attacks through Stealth TCP Port EPMAP?

To check if your system is vulnerable, you can use a network scanning tool to scan for open ports and check if EPMAP is one of them. You can also use a firewall to block incoming requests to EPMAP or disable the service altogether if it is not needed.

3. What are the potential risks of leaving Stealth TCP Port EPMAP open?

If EPMAP is left open and unsecured, it can be used by attackers to gain access to your system and potentially steal sensitive information or install malware. It can also be used to launch denial-of-service attacks, causing your system to crash or become unavailable.

4. How can I secure my system against attacks through Stealth TCP Port EPMAP?

To secure your system, you can use a firewall to block incoming requests to EPMAP. You can also disable the service if it is not needed. Additionally, keeping your system and network security up to date, using strong passwords, and limiting remote access can also help prevent attacks through EPMAP.

5. Are there any alternatives to using Stealth TCP Port EPMAP for remote procedure calls?

Yes, there are other protocols and services that can be used for remote procedure calls, such as Secure Shell (SSH) or Remote Desktop Protocol (RDP). These alternatives are more secure and should be used instead of EPMAP whenever possible.

Similar threads

Regarding ssd + ssd enclosures
    • Computing and Technology
Replies
5
Views
2K
USB Type-C vs Thunderbolt: Which is faster and better for data transfer?
    • Computing and Technology
Replies
2
Views
984
Connecting extra IPs on a server
    • Computing and Technology
Replies
4
Views
1K
Ereader (Nook) no longer recognized by PC
    • Computing and Technology
Replies
13
Views
3K
Does a router tells a device to close a TCP connection?
    • Computing and Technology
Replies
3
Views
2K
MHB About non persistent (parallel and serial) http connections doubts-:
    • Programming and Computer Science
Replies
1
Views
610
Comp Sci How do I free up tcp port 80 in windows 10?
    • Engineering and Comp Sci Homework Help
Replies
10
Views
1K
Port forwarding with ufw ubuntu
    • Programming and Computer Science
Replies
12
Views
3K
Difference between PUT vs POST from a system administrator POV?
    • Programming and Computer Science
Replies
3
Views
857
Python Socket library to create a server and client scripts
    • Programming and Computer Science
Replies
7
Views
641

Hot Threads

Recent Insights

Back
Top