For starters we have two 9k's as our Data center core. We have vlan 1 (i didn't design this shit) hosting a network 10.1.0.0/16 (again, I didn't design this shit)
we had to do a capture for other reasons, and I started to see traffic sourced and destined for things that are in VLAN 1, but not the AD server
AD Server = 10.1.1.94
Capture shows things traffic on 1433 for 10.1.1.189 and 10.1.1.182 and other various IPs in vlan1 that aren't the AD servers.
What could cause this?
No comments:
Post a Comment