DCOM (Distributed Component Object Model) is Microsoft's object-oriented remote procedure call mechanism. Many Microsoft client applications use DCOM in order to talk to servers and to each other.
DCOM is based primarily on DCE RPC. It uses port 135 as an "end-point mapper" so that remote services can find each other. The DCOM services themselves can run on any port, and that is what makes DCOM difficult to handle at a firewall.
Opening port 135 on the firewall is the first problem. There are many exploits that can be directed at this port. The most important is "epdump", which lets a hacker easily query which services are running and match them against the hacker's toolkit of exploit scripts.
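A defender can check whether the firewall is letting this pattern through. The following Python is an added example, not part of the original text: it scans firewall log lines for outside hosts that were allowed to reach port 135 and then connected to another port on the same server. The log format, the 10.0.0.0/8 internal range, the 60-second window and the 1024 lower bound for dynamic ports are assumptions, and the sample lines are constructed.

```python
import ipaddress

# Constructed sample firewall log: "epoch_seconds src_ip dst_ip dst_port action"
SAMPLE_LOG = """\
1000 203.0.113.7 10.0.0.5 135 ALLOW
1002 203.0.113.7 10.0.0.5 49667 ALLOW
1003 10.0.0.8 10.0.0.5 135 ALLOW
1004 10.0.0.8 10.0.0.5 49670 ALLOW
1010 198.51.100.9 10.0.0.6 135 DENY
1500 203.0.113.7 10.0.0.5 50000 ALLOW
1600 198.51.100.20 10.0.0.5 443 ALLOW
garbled line
"""

INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumed internal address range
EPMAP_PORT = 135     # DCOM/RPC end-point mapper
WINDOW = 60          # assumed: seconds in which a follow-up connection counts
MIN_DYNAMIC = 1024   # assumed lower bound for dynamically assigned ports


def parse(log):
    """Yield (ts, src, dst, port, action) tuples, skipping malformed lines."""
    for line in log.splitlines():
        try:
            ts, src, dst, port, action = line.split()
            yield int(ts), ipaddress.ip_address(src), dst, int(port), action
        except ValueError:
            continue


def find_exposure(log, internal=INTERNAL, window=WINDOW):
    """Flag outside hosts allowed to reach port 135, and any connection they
    then make to a dynamic port on the same server within `window` seconds."""
    last_lookup = {}  # (src, dst) -> time of last allowed outside hit on 135
    findings = []
    for ts, src, dst, port, action in parse(log):
        if action != "ALLOW" or src in internal:
            continue
        key = (str(src), dst)
        if port == EPMAP_PORT:
            last_lookup[key] = ts
            findings.append(("epmap_exposed", *key, port))
        elif (port >= MIN_DYNAMIC and key in last_lookup
              and ts - last_lookup[key] <= window):
            findings.append(("service_port_after_epmap", *key, port))
    return findings


if __name__ == "__main__":
    for finding in find_exposure(SAMPLE_LOG):
        print(finding)
```

Any `epmap_exposed` finding means the end-point mapper is reachable from outside; a `service_port_after_epmap` finding means the firewall also passed the follow-up connection to the dynamically assigned service port.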