Over 1 million tech questions and answers.

Port Mirroring - No traffic received from domain controller

Q: Port Mirroring - No traffic received from domain controller

Hello,
We have a few virtualized Domain Controllers on VMware. As the lighweight Gateway is not very lightweigt - also with 16GB of RAM we were running out of Memory on our DCs - we decided to try port mirroring. This is working very good, but sometimes we get
the message that no traffic is received from one of the Domain Controllers. The only Thing we Need to do then is to restart the Gateway Service.
So the port mirroting is working and traffic is received by the Gateway.
Anyone else noticed this?
Could it be because we mirror the traffic from 3 Domaon Controllers to one port? But it also happens to the Gateways where we only mirror one DC.
But as I said - after a restart of the Gateway Service the error disappears and everything is working again.
brgds Deas

Read other answers
RELEVANCY SCORE 200
Preferred Solution: Port Mirroring - No traffic received from domain controller

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

RELEVANCY SCORE 113.2

Hi,

Our ATA don't received trafic from domain controller.  The port mirroring is OK and verified.

on error log I've found
2018-06-16 04:43:55.1993 5052 106 Error [DirectoryServicesClient+<SearchInternalAsync>d__29] Microsoft.Tri.Infrastructure.Utils.ExtendedException: LDAP search failed [DomainControllerDnsName=DC NAME.mydomain isGlobalCatalog=False DistinguishedName=
Scope=Base Filter= AttributeCount=16] ---> System.DirectoryServices.Protocols.DirectoryOperationException: The server is unavailable.
Can you help me ?

Read other answers
RELEVANCY SCORE 92.4

Hello !

I am deploying ATA on a big organization. I am installing ATA Center and ATA Gateway first before doing port mirroring ( yes i know i shouldn't, but i need to deploy ATA first then request the network configuration because the network team has been busy ).

after finished installing, i notice these things :

- A lot of organization's entities are learned, from domain to groups.
- Traffic (captured messages/sec on ATA Gateway ) on performance monitor when validating installation.

My question is :

- Do the network already configured port mirroring ?
- If yes, then why i cant get any suspicious activities, even though i already simulated an attack ?

thanks before !

Read other answers
RELEVANCY SCORE 90.4

I am attempting to test ATA and have created a test DC and ATA Gateway connected to the same virtual switch on the same hyper-v host (2012R2, all recommended patches installed). I have also enabled "Microsoft NDIS Capture" on the virtual switch
and configure the DC as the source and a secondary none routable vNIC on the gateway as the destination (1.1.1.1/30, no dns or gateway). All vNICs are tagged on my test vLAN (ALL traffic must be tagged on these hosts) and I fear this may be the issue. Does
Hyper-V port mirroring support tagged traffic? Is this my issue and if so how do I solve this problem.

I was initially led to this assumption due to the following link:
https://cloudbase.it/hyper-v-promiscuous-mode/
Which states: "Traffic generated on a VM with a vNIC set to tag traffic with a VLAN id cannot be directly monitored on another VM, unless trunking is set on the target" and then suggests running the following command: "Set-VMNetworkAdapterVlan
VM3 -Trunk
-AllowedVlanIdList "100,101"
 -NativeVlanId 0"
However I tried this for my specified "Mirror" nic the gateway as well and it did not work.  It is worth mentioning that I have not yet installed the gateway and have used the Microsoft network Monitor tool in promiscuous mode
as prescribed and returned no results for LDAP or KerberosV5. Any assistance would be greatly appreciated.

Read other answers
RELEVANCY SCORE 89.6

So I got SPAN tech configured which basically copies all the layer 2 traffic from certain selected Cisco switch ports to a dedicated port. I have a Windows 2012 R2 Server attached to this dedicated port (TCP/IP isn't configured on this Windows NIC) so I
can capture this spanned traffic.
Unfortunately, when I use Message Analyzer 1.3.1 (build 4.0.7551.0) it doesn't seem to capture spanned layer 2 unicast traffic. I use Microsoft-Windows-NDIS-PacketCapture provider configured to capture the traffic from a NIC that gets spanned traffic.
Here how a typical capture looks like:



What I would like to see is proper parsing up to application layer of spanned layer 2 unicast traffic, the way how it gets parsed when I do parse traffic that is destined or originated from this particular PC (or broadcast/multicast traffic). For example,
I'd like to see SMTP data, etc.
It looks like I see only layer 2 broadcasted traffic, like in the screenshot (note MAC destination). All frames that I see are layer 2 broadcasts while I'm sure that this NIC gets unicasts as well and in a much larger volume.

And just in case, Wireshark does capture SPAN traffic well in the same scenario and reconstructs it up to desired SMTP and other application layer protocols without issues.
I've experimented with different options and different capture scenarios but haven't found any way around this.
Please advise.

Read other answers
RELEVANCY SCORE 87.6

I have some domain controllers on branch offices, that has 2 interface cards, as 1 interface is linked to a backup device, for this example, lets call them Network and Backup.
I have specifically defined in the config of the ATA LGW that it should only capture traffic from Network card, but whenever the backup solution starts it will generate 50-60% traffic load on Backup card, and ATA LGW then reports more traffic then it can
handle and drops some traffic.
The Network card is basically idle with nothing much to do.. CPU is average 2% and memory load is 40%, but 10Gb available still.
When backup job finishes, the Health status goes back to normal.
Bug somewhere?

Read other answers
RELEVANCY SCORE 84.8

I have over 400 domain controllers. The initial look at ATA seemed to require port mirroring on the DC's and that was just impossible. I was told an agent of some type on the DC's was coming. Is that an option now?

Read other answers
RELEVANCY SCORE 62.8

Hello, I am new to this site and I hope that you may be able to help me. I have been having problems receiving traffic from the internet. My OS is Windows ME.
I have just installed a new hard drive as the C drive and kept the old drive as the D drive with Windows still on it.
When I try to connect to the internet (from C), it connects to the ISP okay but I then cannot receive any traffic from any internet site or email. It just stays connected but I cannot open any webpage!
However, if I boot from the D drive where all the settings were still the same before I installed the new drive, the internet works perfectly - I receive all the pages, emails etc.
Any ideas why the C drive cannot receive the traffic??
I think I have tried everything but I must have missed something??!!??

Regards,
derobeer
 

A:Modem connects but no traffic received

What is your internet spex?...
*Dsl/Dial Up ect...
*Brand... AOL, Yahoo, ect...
 

Read other 3 answers
RELEVANCY SCORE 62

We use VMWare (with UCS) but don't have the premium license so can't do distributed switching. I know it's not ideal, but can we do port mirroring on the trunk port to the UCS? Would this result in additional overhead or gateways required?
If this won't work we're considering standing up a Hyper-V cluster and migrating our DCs over to it. I'm pretty sure that will work.
Any other suggestions? Thanks!

Read other answers
RELEVANCY SCORE 61.2

Hey there,
Just had a couple of questions and was hoping someone could help me out.
I know that configuring port mirroring between the DC and ATA-Gateway is a MUST, however I was wondering:
1. Is there a way so that I DO NOT have to configure the port mirroring directly on the DC's connection port? Is there a way around this? Would RSPAN be a possibility? And if I do not set the port mirroring directly onto the DC, is there a risk that ATA
wont be able to gather the necessary data or wont be able to monitor anything at all?
2. What happens when the amount of traffic going from the DC to the ATA-Gateway is too high (too heavy)? Will ATA-Gateway loose any data coming in? Would it tank/store the data and process it in order? Or does ATA have a way of sorting out and prioritize
which data should be analyzed first?
Hope someone can help me clear this out
Regards

Read other answers
RELEVANCY SCORE 60.4

My ATA Gateway is in VM and all the domain controllers are in Physical environment. Network administration team has limitation of forwarding mirrored traffic from physical switch port to logical VM switch port. Pl advise me on this to forward traffic.
Regards
Namal

Read other answers
RELEVANCY SCORE 60.4

Hi. Just wondering if ATA will be able to understand port mirror data from a Windows Server 2003 domain controller? (I assume yes) Or is there a check for OS when inspecting traffic?
Oddvar
 

Read other answers
RELEVANCY SCORE 60

I am trying to add a win 7 pro pc to a domain and I get this error " an attempt to resolve the DNS name of a domain controller in the domain being joined has failed"
I am running win server 2003 can anyone help?

A:error an attempt to resolve the DNS name of a domain controller in the domain being joined has failed

Ok I got it to work I put in the DNSserver address agine same as I did yesterday ( I must have put it in 3 or 4 times) and it din''t work I did it agine today and it worked the frist time. Thank you every one for your help
 
Derrick

Read other 13 answers
RELEVANCY SCORE 60

dear all

i have a problem in adding addtional domain controller in my forest domain.

when i try to add additional; domain controller after working few miniutes it gives meessage THE ACTIVE DIRECTORY WIZARD IS UNABLE TO CONVERT THE COMPUTER TO DOMAIN CONTROLLER ACESSES DENIED

ENTER THE USER NAME AND PASSWORD OF AN ACCOUNT WITH SUFFFICIENT PREVILAGE TO CREATE AN ADDITIONA DOMAIN CONTROLLER .

But the user name has full permission he is administrator

please help me
 

Read other answers
RELEVANCY SCORE 59.6

Hello,
I have a scenario where some DCs are on XenServer and some in Hyper-V and I need to configure port mirroring to a gateway but have found some challenges. First, it appears that port mirroring is not supported in Xen, at least that's what I've researched
and been told. Second, Hyper-V does support port mirroring AS LONG AS the DCs and gateway are on the same host. If they are on different hosts, port mirroring will stop working. 
I am interested to know what are other options I have, besides lightweight gateway, to configure port mirroring.
I appreciate your input,

Mario.



Mario.

Read other answers
RELEVANCY SCORE 59.6

Hi ATA team,
i hope you can suggest me some solutions. i have a hyperv cluster based on win 2012 (not R2). i installed ata gtw on the same host as DC, configured port mirroring source on DC and destination on ata gtw server. also ata gtw has two NICs, one for mgmt, other
for capture, but mirrororing doesn't work. i checked with ms network monitor 3.4, there is no traffic on gtw capture NIC. Is there any patch or settings that i can apply?


in lab envirement, i have HV2012R2, mirroring is working fine.

Read other answers
RELEVANCY SCORE 59.6

Hi
I just would like to verify something quick. I plan to implement ATA in an environment with a single ATA GW. This environment also consists of two domain controllers and i would like to have this single GW monitor traffic for both domain controllers.

Therefore would like to know if its possible to Mirror traffic of two DC's to the single ATA GW and what would be the config in that case?
The ATA GW would be running as a VM on a Hyper-v host.
Some guidance would be much appreciated.
Thanks

Read other answers
RELEVANCY SCORE 59.6

Hi
If i install and configure ATA lightweight gateway on my dc is it still required to configure port mirroring?
Regards

Read other answers
RELEVANCY SCORE 59.2

I've been trying to join a new Windows 7 Professional machine to a domain controller running Windows 2003 Server with no luck.  We currently have 4 Windows XP machines running on that domain without any issues, but when I try to add the Windows 7 computer,
here is what happens:

A computer account on the domain could not be found (confirmed it is already there)
I put in the computer name and domain again, and Administrator credentialsNow it tells me: "An attempt to resolve the DNS name of a DC in the domain being joined has failed."
I currently have DNS on the Windows 7 PC set to the Domain Controller and have IPv6 unchecked under Network Properties.  I can even ping the domain name (resolves to IP of the domain controller).  It looks like it can, indeed, find the domain from
the message in step 1, so am I missing something here?
Thanks in advance for any help!

A:Cannot join Windows 7 to domain even after setting DNS to domain controller IP

Hi,
You need flush your DNS cache in client side first.
Then, let?s create the following registry value for a try:
HKLM\System\CurrentControlSet\Services\LanManWorkstation\Parameters
 
 - Created a DWORD DomainCompatibilityMode = 1
 - Created a DWORD DNSNameResolutionRequired = 0
Reboot the machine and check the result again.Alex Zhao
TechNet Community Support

Read other 17 answers
RELEVANCY SCORE 59.2

Hello everyone,

So on my work laptop yesterday i got disconnected from the network, and upon trying to reconnect i had internet access but no network access, ran through some diag, was able to ping my other work station, ip,dns and dg where all fine, checked for dns records issue, none found. so i removed it from the domain and tried re-adding it, and this is where the problem is no matter what i do i cannot add this laptop on the domain. i get full internet access on the network but no network access. i know the Dns server is functioning perfectly and cant be the issue, i have also flushed dns, rebuilt tcp/Ip stack and removed all lan and wlan profiles. i am also getting a certificate error when trying to access the network on wlan.

Using my local admin here are some print screens of first the issue when trying to add the laptop back to the domain, then Ping results to my DNS server .

after removing the machine from the domain it now no longer picking up the correct DNS server.

Would assigning a new DNS record resolve the issue???

he following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain "bareesc.bareescentuals.com":

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for
_ldap._tcp.dc._msdcs.bareesc.bareescentuals.com

Common causes of this error include th... Read more

A:An active directory domain controller for the domain could not be contacted

Funny enough, we've found a handful of users on our network today unable to access local resources for the same reason!

Your DNS settings are being hijacked. They should point at your DC, but instead are pointed at a malicious DNS server hosted somewhere in Israel. Give your computer a good bath before letting play with the other children again.

We're currently in the process of mediation around here, too.

Hope that helps!

Read other 2 answers
RELEVANCY SCORE 58.4

We have a rather complicated/distributed VMWare virtual environment, and having GW-servers on each physical VMWare host is not something we really want to do.

Therefor, does Microsoft ATA support VMWare Distributed vSwitches for port-mirroring?

Read other answers
RELEVANCY SCORE 58.4

I was looking to use full gateways to receive port mirroring from server core domain controllers
Problem:
- gateway and domain controllers need to be on same host - which bad for redundancy
- lightweight gateway not supported on server core
Any ideas other than a full gateway server for each domain controller?
thanks!

Read other answers
RELEVANCY SCORE 58

I have an employee that gets this upon every boot on his assigned laptop. I have utterly no idea what it means or how to correct it. Help needed please.
 

A:Error: Domain controller could not be found for the specified domain.

Check the machine account. You might also delete it and recreate it. This may require a domain admin to rejoin the machine to the domain.
 

Read other 2 answers
RELEVANCY SCORE 58

Hello everyone. I really hope that you can help me. You are my last hope.

I maintain about 30 domain computers. Recently when users try to log in on most of them the following error appears frequently:

"Windows cannot connect to the domain, either because the domain controller is down or otherwise unavailable, or because your computer account was not found. Please try again later. if the message continues to appear, contact your system administrator for assistance."

I have seen that this error appears only in the computers with Windows XP and not in the computers with Windows Vista or 7. We have 2 domain controllers.

Please let me tell you about the ways I tried to resolve this problem and their results:

- on some computers, after several restarts the users are able to log in, but if they restart or shutdown after that the error appears again; this worked for some computers, but I do not know if the error will appear again in the future.
- on some computers, when i disabled the windows firewall or allowed all kind of ICMPs it was resolved, but this did not work for all the computers and I do not know if the error will appear again in the future.
- I unjoined and then rejoined some computers from the domain and it was resolved but after restarting the error appears again.
- If I unplug the network cable the users can log in but after restart the error appears again.
- I have tried to reset the user password and computer on the Active Directory for some users and... Read more

A:windows cannot connect to the domain, either because the domain controller is down...

Read other 16 answers
RELEVANCY SCORE 58

Hello,

We have a server set up with serval computers t. I formated a pc that was on the domain and now trying to attach it back to domain and i get the message.

Domain Contriller could not be contacted
I putted all the settings same as the other pc's..

i'm also getting the message " ip adress already in use. but i'm using the same ip as the pc had before i formated the pc. is this the reason that i get the message , Domain Contriller could not be contacted

i also can ping from the pc. to the server

Any Ideas?

thanks for the help
 

A:Problem:A domain controller for the domain could not by contacted

sorry i mean i also get the message " a duplicate name exist on the network"
 

Read other 1 answers
RELEVANCY SCORE 58

Hi all,

Does anyone know if it is possible to do the following:

I wish to lock down network traffic on XP using the MMC console so that no network traffic can enter/exit my machine apart from anything with the address (xxxxx).dropbox.com

Is this possible? Any idea how I would do it?

Rgds,

J
 

Read other answers
RELEVANCY SCORE 58

Hi All

I want traffic to a specific secure website(*.paypal.com) to go through a Proxy server and port - 192.168.34.34 on port 1818

Now, I know under Internet Options, you can specify a proxy address, but then all traffic will go through that Proxy. I want to direct traffic ONLY to *.paypal.com to go through the proxy.

Do you perhaps set this in the hosts file like this:

192.168.34.34 1818 *paypal.com
But I don't think this will work Any idea how to do this? certainly it must be possible?

Thanks

A:Directing traffic via proxy for one domain only

The hosts file is only for DNS mappings so by doing that your machine will try to request the proxy server for any paypal webpages which it won't have unless cached.

What is your need for directing traffic to that domain name only through the proxy? If you wish to explicitly deny access then an Access-List on a router could do the job or you could just set the proxy server as the default gateway and force all traffic that do not belong on the clients subnet to pass through the proxy.

If you could help us determine why the need is then it may help us to find a possible alternative to completing such task.

Josh

Read other 2 answers
RELEVANCY SCORE 58

Hi, 
Can someone help me with this info?
How this should be configure on the hyper-v host and the VM?
The switch is already configured.
Thank you very much,
Yakir

Read other answers
RELEVANCY SCORE 58

Hi ATA Team,
 
Scenario:

Source: vNIC of VMs Domain Controllers hosted on Hyper-v Clusters. DCs are configured on different VLANs. A trunk port is configured between Hyper-v clusters and Data Center switch.
Destination: a dedicated NIC on ATA Gateway that installed on a physical server connected to the same DATA Center SwitchData Center Switch: Cisco.

Question:
 How to configure spanning traffic from Domain Controllers to ATA Gateway on this case?

Thanks,

Read other answers
RELEVANCY SCORE 57.2

Hi,
When I enable the Microsoft NDIS Capture Extension on the Virtual Switch I want capture the traffic on, I get the message: 

"The Selected Extension is not operating correctly.  Check the event logs for further information. If this is a non-Microsoft Extention, contact the vendor for further troubleshooting steps."

I am running Hyper-V on a Windows 8.1 computer, and would like to test ATA 2016.
Get the same error if I use either "Internal" or "Private" switch.
Has anyone seen this problem before?


Thank you

Read other answers
RELEVANCY SCORE 56.8

We have domains A and B in a bi-directional trust and run ATA instances in both domains.
Is there a way to detect account usage over/via the trust using ATA?   Do foreignSecurityPrincipal objects have logon events in ATA?

Read other answers
RELEVANCY SCORE 56.4

Windows
2012 

IP settings           172.17.2.36

Subnet mask       255.255.0.0

Gatevay                 172.17.2.1

DNS                       8.8.8.8

                           
     

Windows 7

Obtain
IP address automatically  

----------------------------------

----------------------------------

DNS
                       8.8.8.8

 
                                

The
error code reads 

------------------------------------------------------------------------------------------------------------------------------------------------

The
following error occored wen DNS was queried for the servise location (SRV)

resource
record used to locate an Active Directory Domane Controller (AD DC) for Domain

"dalek.local
".

 

the
error was: "This operation returned because the timeout period expired."

(error
code 0x000005b4 ERROR_TIMEOUT)

 

The
query was for SRV record_ldap._tcp.dc._msdcs.dalek.local.

the
DNS server used  by this com... Read more

Read other answers
RELEVANCY SCORE 56

Hi all - I have a problem with my domain.

I have 1 domain "europe1" with the PDC in the UK.
I have 2 bdc's for europe1 in the a location in france.

europe1 is the accounts domain and is trusted by lots of resource domains.

The problem is this : Open user manager for domains on either one of the BDC's, it tries to retrive the list of users but gives the error "cannot find a domain controller for this domain".
If I try to retrieve a list of users from any one of the trusting domains it works no problem.

As a test we built a new bdc and it worked with no problems.

Any idea's what is wrong with our original BDC's ??

Thanks in advance
 

A:Cannot find domain controller for this domain

Have you done the standard what I term Microsoft solutions.

Reapply service pack the BDC's
Apply the latest Network card driver and reapply the service pack.

Only other thing I can think to check is can the BDC's resolve the PDC computer name.

Hope this is some what helpful.

Scott
 

Read other 1 answers
RELEVANCY SCORE 56

When I logon to our network I get "Domain controller for this domain could not be found:. The event viewer records event ID 5719 in the system log:
No Windows NT Domain Controller is available for domain PGMS_LAW. (This event is expected and can be ignored when booting with the 'No Net' Hardware Profile.) The following error occurred:
The RPC server is unavailable.
According to MS support the way to resolve this is to disable LMHOSTS lookup box. This was not enable on any machines and now I'm stuck. Does anyone have any ideas?
 

A:Domain controller for this domain could not be found

Simplest thing to try is remove it from the domain (make sure you have a local account with admin rights FIRST). Then re-add it to the domain.
Can you see/use network resources otherwise? Are the lights on on the NIC? Have you tried a different cable/network port?
Maybe remove/re-add the NIC. Check all the properties, correct IP/subnet/gateway/etc.......
 

Read other 1 answers
RELEVANCY SCORE 56

Hello everyone, those who love simulators and those of you looking for a reason to start playing one. I would like to introduce you to Tower 3D Pro simulator.

You can check out the trailer here -

Tower 3d pro is the next photo realistic air traffic control simulator, replicating what a realistic job as a traffic controller looks like. The game offers multiplayer modes and voice recognition so you have full control over planes or vehicles and runways with the power of your voice.

Your assignment is to guide aircrafts of various sizes and capabilities to and from the active runway for landing and takeoff. As a tower control operator you must ensure that it?s safe for a plane to enter or cross a runway, assign taxiway routes, when to stop and start movement, and clear aircraft for take-off.
Tower 3d pro is the next photo realistic air traffic control simulator, replicating what a realistic job as a traffic controller looks like. The game offers multiplayer modes and voice recognition so you have full control over planes or vehicles and runways with the power of your voice.

Features:

? 3 photorealistic airports
? Voice recognition
? Multiplayer
? Multi monitor
? Advanced AI pilots to follow your commands
? Stunning 3D rendering of the airports
? Runway assignments for arriving and departing aircraft may be changed
? Runway intersection takeoffs are simulated
? Advanced routing to and from the runways and terminals can be assigned
? Dynamic lighting... Read more

Read other answers
RELEVANCY SCORE 56

Ever since implementing ATA, we have been generating alerts from our firewall for blocked traffic on port 135. The traffic is only into one of our environments. Does anyone know what ATA is doing on port 135?

Read other answers
RELEVANCY SCORE 55.2

For the second time in 6 months I've had to do a total re-build on my machine. P4 1.8Ghz Win XP Pro. The reason is that after the machine has been running for around 10 minutes I lose all inbound traffic on Port 80. Everything else looks and works fine. I can send / receive e-mail, I can FTP, I can browse Port 81 sites, I can get UDP on ports 2198 etc. I can see traffic leaving and inbound trqaffic is being presented to the router. Disabling firewalls etc makes no difference.

The only way to continue browsing is to re-boot the machine. I can see http files on my machine, and the problem is the same whatever browser is used. It is obviously something in the IP stackbut I can't track it down. A re-build of the machine has fixed it.

As this is the second time it has happened, I would be keen to know if anyone else has had this and fixed it? Could save me days of frustration in 5 months time!
 

A:Loss of Port 80 IP traffic

Read other 6 answers
RELEVANCY SCORE 55.2

Is there a way I can measure the bits/second going into/out of a given network port number - such as 9090? I need to separate the rate of network traffic going through port 9090 vs other ports (such as port 80, for example). 

Is there a program that will provide that information?

Read other answers
RELEVANCY SCORE 55.2

Hi,
I'm basically just trying to know if it's at all possible to do the following:
Program A uses the port 2000 for it's input/output, but I would like for it to use the port 3000.
Is there any tool/config that allows me to reroute traffic to the port I wish to use?

Thanks.
 

A:rerouting port traffic

I am assuming you are trying to get around some port blocking of port 2000 by your ISP or other connection source like a school network. Sorry, can't help you out.
 

Read other 2 answers
RELEVANCY SCORE 54.8

One of my computers is no longer allowing port 80/http traffic. For example, I can ping www.yahoo.com, but can't get to the website via FireFox or IE with either the URL or IP address, but both can be pinged successfully.

I also know it's not the network because my other computer (the one I'm using to post this thread) is working just fine.

Any help would be appreciated.

A:How to unblock http/port 80 traffic?

dbasset74,

Check out the web site,

www.xp-smoker.com/freeware.html

Spyware etc will cause your stack to get damaged. I also strongly suggest you also read the security forums on TSF and run adaware etc, etc, etc.

The Hooligan

Read other 2 answers
RELEVANCY SCORE 54.8

Hello all,
Today I tried to access www.theage.com.au. It had been open and working an hour or so earlier. Instead of The Age, this is what I got: http://i.imgur.com/0z5MG.png . I do not have any security software running. I refreshed, and continued to get that page. I pinged www.thage.com.au and the IP resolved to: 180.246.239.217. I tried to access http://www.theage.com.au/support and other parts of the website and got 404 errors. I checked with other people with the same ISP, and they could access it fine. I changed my DNS server to the google one, and refreshed again, and got the same thing. Finally, some time later, I realised I hadn't cleared the cache, so I did a forced refresh (ctrl F5) and it came up with the correct site.

During that, I also ran a full scan with avast (nothing found) and downloaded and installed malwarebytes, and ran a full scan with that (nothing found). However later on malware bytes informed me that it had blocked traffic on port 137 to an IP address in china (222.69.214.204) and latvia (91.188.37.20). As a result of that, I ran wireshark and have found there is constant traffic from my computer on port 137 to a large amount of IP addresses (Example :http://i.imgur.com/nPsSd.png). The question being, is this normal traffic, and was that original inability to access the correct website something I should be worried about.

A:Browser redirect/traffic on port 137

Welcome aboard Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply.====================================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next t... Read more

Read other 3 answers
RELEVANCY SCORE 54.8

Hi,

Is there a way to rout HTTP traffic through another port e.g. port 21? I was able to find many programs that does the exact opposite e.g. [email protected] which sends SOCKS5 traffic through a HTTP proxy. I found an online service called Megaproxy, found at https://megaproxy.com, which sends HTTP traffic through HTTPS using a different port (at least thats what I infer). Is there a fast program or similar that does the job with out the file size limit and ads found on megaproxy?

I access the internet through a firewall and proxy server.

Thanks a lot,
-Dan
 

A:Routing HTTP traffic through another port

Read other 16 answers
RELEVANCY SCORE 54.8

Hi and thanks in advance for reading.

I do volunteer work for a small nonprofit whose internet provider has informed them of high traffic on port 445. I'm assuming this could be a virus or peer to peer file sharing. I've got the gal who works in the office looking for P2P software on any computers, but I thought I'd run a hijack this log on the server for good measure, as the contractors feel quite certain there is a virus or something on the server.

Do you see anything in the attached that I should address?

Thanks again.

A:Concerned about traffic on port 445 - log attached

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Please download OTL from following mirror:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedIn the upper right hand corner ... Read more

Read other 1 answers
RELEVANCY SCORE 54.8

Hi,
I need some help with an issue we are having on our network. We have a few workstations that are trying to contact destination IP address 157.56.149.60 on port 3544.
The count is 21384 events in the span of 17 hours. The port 3544 is used by Teredo which is
a transition technology that gives full IPv6 connectivity for IPv6-capable hosts that are on the IPv4 Internet.
Why are these hosts trying to communicate on this port? We don't have IPV6 turned on. How can I stop these communication attempts?
Thank you for your help in advance,
Marcello Falleni

Read other answers
RELEVANCY SCORE 54

A TCP port is explicitly set to allow all traffic, yet when the user's neighbor on the local LAN attempts to connect, it is still blocked.
When the Windows firewall is turned off, the remote user has access, so I know it is the Windows firewall.
I enabled logging and went to the firewall log and see the entry for denied access on the port set to allow on all networks.
2016-01-27 16:57:55 DROP TCP 192.168.1.129 192.168.1.27 61290 9704 52 S 2880220756 0 8192 - - - RECEIVE
What can we do to make this work other than turning off the firewall?

 

Read other answers
RELEVANCY SCORE 53.6

Hey Guys,

I noticed many applications have different ports for outbound and inbound traffic. Does outbound traffic need to be port-forwarded if you are behind a router? I know that inbound does, but outbound?? Thanks.
 

A:Solved: Does outbound traffic need to be port-forwarded on a router?

In the context that you're speaking of: No.

Generally firewalls have a state table. The state table inspects the IP headers of a packet to look for the source/destination port. When you create this connection an entry is stored in the state table that will allow traffic in/out on the source/destination pair.
 

Read other 3 answers