Hello all,
I have an access-list that is denying any access to eq 445. Someone had set this list up before I was here, and I assume it's for some Blaster varient or something.
The problem is one of the System guys says it's a legit service, something to do with Active Directory.
When I do "sh logging" I see thousands of hits where it deny's one packet at a time from port 445 to misc IP addresses.
I do "sh access-list" and the deny 445 entry has millions of hits.
We do a network wide Symantec update and scan and find nothing.
Should I disable this 445 entry? Is it a legit service?
Thanx for any help