Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Server 2000 has excessive traffic coming out of it on port 139 and 445.

Posted on 2006-10-20
7
Medium Priority
?
249 Views
Last Modified: 2009-10-20
I have been fighting this problem all week and need some ideas.  We have a few servers that started rebooting unexpectedly 3 days ago.  I found that if all the windows updates were installed the rebooting would stop.  The problem though is that now I have a lot of traffic flooding my network.  The excess traffic is coming out on port 139 and 445 the SMB port.   I do not know why it is doing it or how to stop it.  I would turn it off but I have some files that are shared on it.  Does anybody have any ideas on what I can try?  Also, if you need any more information please ask.
0
Comment
Question by:L_P_Loudan
7 Comments
 
LVL 6

Expert Comment

by:collins23
ID: 17775015
well that seems to be a virus problem. have you installed the latest service pack 4 ?

unplug your computers from the network and scan them individually for viruses with the latest virus updates.
0
 
LVL 8

Accepted Solution

by:
caddlady earned 1000 total points
ID: 17775254
Port 139 and 445 are notorious for being used for hacking and the lsass worm...  I would block both ports from incoming traffic on your router ASAP.
0
 
LVL 8

Expert Comment

by:caddlady
ID: 17775266
0
 
LVL 9

Assisted Solution

by:FixingStuff
FixingStuff earned 1000 total points
ID: 17776894
This seems to obvious to ask, but, do you have a firewall between your servers and the internet? Sounds like not, or it is wide open.
As caddlady mentioned, those ports are "notorious for being used for hacking and the lsass worm."
If you not sure about the firewall or if it is setup correctly, Go to WWW.GRC.COM and use ShieldsUp from each server. This does a port scan and check from outside to make sure your machine is protected.
FS-
0
 
LVL 1

Expert Comment

by:ajsultan
ID: 25616433
OK.  No Sasser or W32.Downadup on machines with the chatty 445 traffic.  Any other ideas?
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
In this article, the configuration steps in Zabbix to monitor devices via SNMP will be discussed with some real examples on Cisco Router/Switch, Catalyst Switch, NAS Synology device.
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
Suggested Courses
Course of the Month10 days, 14 hours left to enroll

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question