TCP port 445 (the standard Windows SMB port) is used to create a trust between two domains. It must be open on both sides for the trust to be created.
Keeping the port open is in itself a possible security risk. A number of worms and other threats may exploit it, which is why it is usually kept strictly firewalled so that only trusted computers can access it.
However, after the trust has been created, the port may be safely closed, even between the two domain controllers. This feature is not well documented, yet it may be used to strengthen security.