Internet-Security.com UDP port 135 details

UDP port 135 is used by the Microsoft RPC Endpoint Mapper (EPMAP) for DCE/RPC on Windows clients and servers.
Real-world Windows components that rely on it include Active Directory services (e.g., domain controllers for management/replication setup), WMI/DCOM remote management tools, and File and Printer Sharing, which query the endpoint mapper before using dynamic RPC ports.
Microsoft System Center Configuration Manager (SCCM) and older Microsoft Exchange deployments have used the RPC Endpoint Mapper during client and management operations in Windows environments.
Samba installations that provide MSRPC/Active Directory Domain Controller functionality can expose the same endpoint mapper service and may listen on UDP 135.
OSF DCE implementations on Unix systems (e.g., IBM AIX DCE/DFS services) use the DCE endpoint resolution service on UDP 135.
Security note: Port 135’s RPC/DCOM services have been frequently targeted, notably by the Blaster (MS03-026) worm and related exploits, and UDP 135 is commonly probed during reconnaissance.

UDP 135