rakem Posted March 26, 2006 Share Posted March 26, 2006 We have a network monitoriting thing call packetter, it plugs into the your router then into your network and monitors all traffic flowing through.We have been noticing that alot of inbound and outbound traffic is because of something called microsoft-ds. Does anyone know what this is? I have done some searchs on google and it seems to me that it could be something linked to a DOS attack.Can anyone explain what microsoft-ds is? thanks Link to comment Share on other sites More sharing options...
cluberti Posted March 26, 2006 Share Posted March 26, 2006 It is supposed to be Directory Services communication on port 445. If the traffic isn't destined to or from one of your clients or servers, it is something to worry about (blaster worm, possible DoS, etc). It is normal to see that sort of traffic on a Microsoft network running AD, though, so try to determine the source and destination of the packets to determine whether the traffic is good or bad. Link to comment Share on other sites More sharing options...
GrofLuigi Posted March 27, 2006 Share Posted March 27, 2006 Maybe this or maybe this?If you want to close it try setting:REGEDIT4[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters]"SMBDeviceEnabled"=DWORD:0Hope this helps.GL Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now