Help! Unknown CIFS protocol

Discussion in 'Capsa Network Analyzer' started by Miranda Row, Nov 25, 2010.

Thread Status:
Not open for further replies.
  1. Miranda Row

    Miranda Row Registered Member

    Joined:
    Nov 24, 2010
    Posts:
    1
    Hi,

    I just notice the massive CIFS protocol traffic. No clue what is it. Anybody knows about it?

    2010.png
     
    Miranda Row, Nov 25, 2010
    #1
  2. brian_mi

    brian_mi Registered Member

    Joined:
    Feb 4, 2010
    Posts:
    12
    From your screenshot I see the CIFS packets are sent out with little time interval. Maybe a virus on that machine?
     
    brian_mi, Nov 25, 2010
    #2
  3. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Stem, Nov 27, 2010
    #3
  4. brian_mi

    brian_mi Registered Member

    Joined:
    Feb 4, 2010
    Posts:
    12
    I think it's nothing to do with CIFS, just a worm using 445 port?
     
    brian_mi, Nov 29, 2010
    #4
  5. hrj_email

    hrj_email Registered Member

    Joined:
    Dec 13, 2010
    Posts:
    3
    Hi,
    you must consider CIF protocol involve alot of ports, for example if you use ACRONIS for backuping your clients , in capsa the port used for Acronis named CIF.

    Another example is when your clients get commands and task from AntiVirus administration KITS for example Kaspersky Administration Kit , Capsa show it as CIF protocol.

    So dont be afraid and check all of them.
     
    hrj_email, Dec 17, 2010
    #5
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...