Port MSRPC
RPCSS.EXE service - Telnet to port 135 on older WinNT machines, type about 20 characters with CR, then disconnect, hangs service driving CPU to 100%. Only solution is to kill RPCSS.EXE. Fixed in SP3 and beyond.
- epdump.exe program will list all the "end-points", which lists the RPC services running an at which ports/named pipes.
- Snork: RPC datagram
spoofing address of victim1, send to victim2. The two machines go into endless loop sending RPC error messages to each other. RPCSS.EXE goes to 100% utilization. Post-SP3 hotfix is "snk-fix", fixed in SP4.