My ISP has completely locked down my virtual server running Windows 2008 by default. However, besides ports 80 and 443 (which are needed for IIS), two ports are still accessible from the outside world: 135 and 49154 (or 49155 sometimes).
It seems these ports are used for RPC/DCOM. Since they are left open, I presume these are needed for Windows 2008 to function? Are there hacks possible on these ports?
You probably don’t want to open port 135 to the outside world unless it’s really required. I don’t have much information on it’s use, as this page doesn’t go into great detail. From the looks of it, it’s a port that would be useful on a LAN, but might not be so useful to the outside world, and might even pose a security risk.
As for port 49154, that is an unregistered port, and so without knowing what application is listening on that port, I can’t tell you one way or the other if you should leave it open or lock it down.