Remote Procedure Call (RPC): 135

Security Weaknesses:

• Vulnerable to unauthorized access and privilege escalation.

• Susceptible to buffer overflow and DoS attacks.

• May expose sensitive information if improperly configured.

Security Defense and Mitigation Measures:

• Restrict RPC access to trusted hosts and networks.

• Regularly patch and update RPC services.

• Use firewalls to control RPC traffic.

Indicators of Compromise or Attack:

• High CPU utilization on RPC services.

• Unusual port activity related to RPC endpoints.

• Suspicious access attempts or logs indicating exploitation.