I have a new Exchange 2003 server with Groupshield 6.0 and VirusScan
8.0i running on it (up to date of course) and one of my 4215's is picking up traffic from it to each of my AD Domain Controllers and logging scores of intrustion alerts. I suspect that it is legitimate traffic as the server is fully patched and had never been on the network without a fully up to date antivirus running on it, and due to the fact that it's only sending the "suspect" packets to my domain ; however, I can't fnid any information online to support this. Does anyone know of any legitimate traffic where source is port 8 on and Exchange server and the destination is port 0 on all Domain Controllers? Thanks...- posted
18 years ago