Help! Unknown CIFS protocol

Discussion in 'Capsa Network Analyzer' started by Miranda Row, Nov 25, 2010.

Thread Status:
Not open for further replies.
  1. Miranda Row
    Offline

    Miranda Row Registered Member

    Hi,

    I just notice the massive CIFS protocol traffic. No clue what is it. Anybody knows about it?

    2010.png
  2. brian_mi
    Offline

    brian_mi Registered Member

    From your screenshot I see the CIFS packets are sent out with little time interval. Maybe a virus on that machine?
  3. Stem
    Offline

    Stem Firewall Expert

  4. brian_mi
    Offline

    brian_mi Registered Member

    I think it's nothing to do with CIFS, just a worm using 445 port?
  5. hrj_email
    Offline

    hrj_email Registered Member

    Hi,
    you must consider CIF protocol involve alot of ports, for example if you use ACRONIS for backuping your clients , in capsa the port used for Acronis named CIF.

    Another example is when your clients get commands and task from AntiVirus administration KITS for example Kaspersky Administration Kit , Capsa show it as CIF protocol.

    So dont be afraid and check all of them.
Thread Status:
Not open for further replies.