Traffic on certain ports - compressed/encrypted?


Months ago we implemented Wan Optimization hardware (Riverbed Appliances) at our different sites. It is showing pretty heavy usage on port 1024 and 7389. Is this traffic compressed, encrypted or perhaps both?
You see if it is just compressed, I would love to turn it off. I am hoping it is just rsync with -z switch enabled. If so, turning it off will help tremendously. I made this change on some of my scripts and It improved throughput and time significantly!




Port 7389 is LDAP traffic between UCS hosts. This is encrypted to protect credentials and other sensitive information. Even if you don’t wish to switch encryption off for this communication you can try to limit the amount of data to be transferred, by setting up slave DCs on all sites, and/or limiting the LDAP scope to be synchronized. (I didn’t find a HOWTO document at first spot, but I feel this can be done)

Regarding port 1024 I don’t exactly know. It belongs to Microsoft’s default port range for RPC communications. UCS hosts acting as a Windows DC (using Samba4) use it the same way. I’d suppose it’s encrypted, too.

Frank Greif.