PC using port 445 uses most bandwidth on WAN
Our company has 7 sites. Each site has it's own AD server. Each AD server replicates with our data center. I have a PC that when it logs on it goes to another site and accesses info on it's AD server. It uses source port 445 and destination port of 63102. We have McAfee and I've scanned it looking for virus' (nothing there). This PC doesn't come on that often but when it does it hammers our WAN for about 10-15 minutes then it settles down. The source site has a T1 while the remote site has 10MB connection. Any idea of what it is trying to do?
Last Comment
SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
RantCan,
I'll have to get wireshark and look at the traffic. I haven't used it very much so I'll try and muddle through the program. We ran a rootkit and every other program McAfee had for us. They all came back clean.
I'll have to get wireshark and look at the traffic. I haven't used it very much so I'll try and muddle through the program. We ran a rootkit and every other program McAfee had for us. They all came back clean.
Windows OS
This topic area includes legacy versions of Windows prior to Windows 2000: Windows 3/3.1, Windows 95 and Windows 98, plus any other Windows-related versions including Windows Mobile.
129K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
ASKER
In my software it says Source port. But that may actually be the destination because of the circuit I was looking at. I'll have to look at what CIFS info it is looking for on the far server