Craig Macdonald wrote: > Port 445 traffic on the Internet (not local nets)is 99.9999% > virus related. We block it inbound and outbound now. > > However, as Geoffre said, the flow octets for port 445 looks > suspicions: 71 packets => 4GB? Those are very big IP packets! > 4294979685 71
Indeed! > This makes me suspicious of something in your setup. > Device is a Cisco 7206VXR - I recently upgraded to 12.3 IOS(3months ago), but have since downgraded to 12.2 due to an MTU issue. I will see if the anomally appears again while on 12.2....Weird that it has only affected one client though. Regards, MB _______________________________________________ Flow-tools mailing list [EMAIL PROTECTED] http://mailman.splintered.net/mailman/listinfo/flow-tools
