Dear Everyone,
The below is our environment configure
Exchange 2010 SP1 RU5
Two nodes of Client Access/Hub Transport in the same servers
Server1
Server 2
Two nodes of Mailbox role
Server 3
Server 4
We have captured the network trafic and found that the client access server 1 or 2 will send the request to mailbox role server 3 and 4 via the network port 5301. After all, it said that it is the trojan attack.
What is the usage of network port 5310 between client access and mailbox roles? I think exchange will use random port to communicate between of two roles, right?
Thanks,
Exchange users