I am trying to understand this traffic that I see reported on our FW log reports. A bunch of internal hosts on our network are trying to send packets out through the FW to 220.127.116.11. This is all port 139 Netbios traffic and its gets denied, but its just makes me wonder what is going on.
I tried doing some google searches on it, but I couldn't come up with anything in particular. Do you guys have ideas what this could be?