Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
728
Views
0
Helpful
2
Replies

RPC WinNuke

mlowery
Level 1
Level 1

‎04-26-2005 08:37 AM - edited ‎03-10-2019 01:25 AM

All of a sudden, I've started getting alerts on RPC WinNuke Sig#:3345 from a domain controller to workstations on the internal network.

I am unable to find anything that has changed, nor can I find anything that would cause this event to be triggered.

Can anyone tell me if this is a known false-positive, or do I need to keep digging?

Thank you,

Michael

Labels:
0 Helpful
2 Replies 2

owillins
Level 6
Level 6

‎05-02-2005 06:28 AM

If possible could you please test this set up on a different sensor and check the results.

0 Helpful

mlowery
Level 1
Level 1
In response to owillins

‎05-05-2005 04:47 AM

I have tried on two other sensors now, and it seems that this signature fires when traffic is sent to Windows 2000/2003 domain controllers.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card