rakem Posted March 26, 2006 Posted March 26, 2006 We have a network monitoriting thing call packetter, it plugs into the your router then into your network and monitors all traffic flowing through.We have been noticing that alot of inbound and outbound traffic is because of something called microsoft-ds. Does anyone know what this is? I have done some searchs on google and it seems to me that it could be something linked to a DOS attack.Can anyone explain what microsoft-ds is? thanks
cluberti Posted March 26, 2006 Posted March 26, 2006 It is supposed to be Directory Services communication on port 445. If the traffic isn't destined to or from one of your clients or servers, it is something to worry about (blaster worm, possible DoS, etc). It is normal to see that sort of traffic on a Microsoft network running AD, though, so try to determine the source and destination of the packets to determine whether the traffic is good or bad.
GrofLuigi Posted March 27, 2006 Posted March 27, 2006 Maybe this or maybe this?If you want to close it try setting:REGEDIT4[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters]"SMBDeviceEnabled"=DWORD:0Hope this helps.GL
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now