A Lot of Traffic on Network

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

Hi,
We have this weired problem that some times one of the computer, in our
network, generates a lot of traffic. We are unable to findout which computer
is generating that traffice so we have to shutdown all the computers and
switch them on one by one but this is very painfull. Can anyone please guide
how we can find out such computers using some kind of software?

Any help will be highly appreciated

Regards,
Mna

 

[Dave]

Archived from groups: microsoft.public.win2000.security (More info?)

a network sniffer program, management software for your router/switch, look
at the lights on the router/hub/switch, just pull network plugs one at a
time in network closet, monitor with some other management tool, too many
options, not enough information... how big of a network, how connected, what
type of clients, what type of management tools??? have you scanned all
machines for viruses, trojans, etc?

"MNA" <someone@somewhere.com> wrote in message
news:etK3tbabEHA.3016@tk2msftngp13.phx.gbl...
> Hi,
> We have this weired problem that some times one of the computer, in our
> network, generates a lot of traffic. We are unable to findout which
computer
> is generating that traffice so we have to shutdown all the computers and
> switch them on one by one but this is very painfull. Can anyone please
guide
> how we can find out such computers using some kind of software?
>
> Any help will be highly appreciated
>
> Regards,
> Mna
>
>

 

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

Thanks Dave for your resonse!
Actually our network administrator quit. till we hire someone i have to look
at these things. Right now we have to pull the network cables one at a time
but its very time consuming as we have almost 30 users connected to two
hubs. I was wondering i can find a tool which can tell me which computer is
generating most of the traffic on the network we may unplug only that one.

regards,
Mna
"Dave" <noone@nowhere.com> wrote in message
news:q8OdnQLmr_tSbWbdRVn-oQ@crocker.com...
> a network sniffer program, management software for your router/switch,
look
> at the lights on the router/hub/switch, just pull network plugs one at a
> time in network closet, monitor with some other management tool, too many
> options, not enough information... how big of a network, how connected,
what
> type of clients, what type of management tools??? have you scanned all
> machines for viruses, trojans, etc?
>
> "MNA" <someone@somewhere.com> wrote in message
> news:etK3tbabEHA.3016@tk2msftngp13.phx.gbl...
> > Hi,
> > We have this weired problem that some times one of the computer, in our
> > network, generates a lot of traffic. We are unable to findout which
> computer
> > is generating that traffice so we have to shutdown all the computers and
> > switch them on one by one but this is very painfull. Can anyone please
> guide
> > how we can find out such computers using some kind of software?
> >
> > Any help will be highly appreciated
> >
> > Regards,
> > Mna
> >
> >
>
>

 

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

A couple quick ways -

Use a software network sniffer (ettecap is good and free). Or if this
machine is generating broadcasts or virus like traffic you can install a
software firewall (such as Symantec) on a few hosts the logs may reveal the
culprit.



On 7/19/04 11:42 AM, in article etK3tbabEHA.3016@tk2msftngp13.phx.gbl, "MNA"
<someone@somewhere.com> wrote:

> Hi,
> We have this weired problem that some times one of the computer, in our
> network, generates a lot of traffic. We are unable to findout which computer
> is generating that traffice so we have to shutdown all the computers and
> switch them on one by one but this is very painfull. Can anyone please guide
> how we can find out such computers using some kind of software?
>
> Any help will be highly appreciated
>
> Regards,
> Mna
>
>

 

[Dave]

Archived from groups: microsoft.public.win2000.security (More info?)

does this happen often? have you checked out the machines that are
generating the traffic to see if they are infected?? or could it be related
to some good application that is just doing something funky?

if they are just hubs then a sniffer program on any port of the hub should
point to the culprit. just be sure they aren't really switches. on the
bigger switches and hubs i have seen there is usually a port activity light
that would show which port was active which should help find the bad one.

"MNA" <someone@somewhere.com> wrote in message
news:udPKKtbbEHA.3148@TK2MSFTNGP10.phx.gbl...
> Thanks Dave for your resonse!
> Actually our network administrator quit. till we hire someone i have to
look
> at these things. Right now we have to pull the network cables one at a
time
> but its very time consuming as we have almost 30 users connected to two
> hubs. I was wondering i can find a tool which can tell me which computer
is
> generating most of the traffic on the network we may unplug only that one.
>
> regards,
> Mna
> "Dave" <noone@nowhere.com> wrote in message
> news:q8OdnQLmr_tSbWbdRVn-oQ@crocker.com...
> > a network sniffer program, management software for your router/switch,
> look
> > at the lights on the router/hub/switch, just pull network plugs one at a
> > time in network closet, monitor with some other management tool, too
many
> > options, not enough information... how big of a network, how connected,
> what
> > type of clients, what type of management tools??? have you scanned all
> > machines for viruses, trojans, etc?
> >
> > "MNA" <someone@somewhere.com> wrote in message
> > news:etK3tbabEHA.3016@tk2msftngp13.phx.gbl...
> > > Hi,
> > > We have this weired problem that some times one of the computer, in
our
> > > network, generates a lot of traffic. We are unable to findout which
> > computer
> > > is generating that traffice so we have to shutdown all the computers
and
> > > switch them on one by one but this is very painfull. Can anyone please
> > guide
> > > how we can find out such computers using some kind of software?
> > >
> > > Any help will be highly appreciated
> > >
> > > Regards,
> > > Mna
> > >
> > >
> >
> >
>
>

 

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

Hi Mna,

Thank you for posting!

In my opinion, you may try Network Monitor which can be used to capture the
package in TCP layer.

For detailed informaiton on how to capture network traffic with network
monitor, click the below hyperlink to view the article in Microsoft
Knowledge base:

http://support.microsoft.com/?id=148942
148942 How to Capture Network Traffic with Network Monitor

To obtain the time-bombed version of Network Monitor, visit the following
Microsoft Web site:
ftp://ftp.microsoft.com/pss/tools/netmon

Notes :
Netmon2.zip contains Netmon 2.0 (Netmon 2.0 runs on Windows NT 4.0, Windows
2000, and Windows XP)
Netmon1.zip contains Netmon 1.0 (Netmon 1.0 runs on Windows NT 4.0, Windows
98, and Windows 95)
The current password to unzip is "trace". Note that this password may
change in the future. If it does, see this article for the new password.

I hope that the above information is helpful. Have a nice day!

Thanks & Regards,

Feng Mao [MSFT], MCSE
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security

=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.