Over 1 million tech questions and answers.

network traffic analyzer

Q: network traffic analyzer

I'm looking for a good network analyzer software that allows me to monitor the network. maybe have some features on discovering devices, ports, bandwidth in a certain amount of time, etc. Thanks.

RELEVANCY SCORE 200
Preferred Solution: network traffic analyzer

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: network traffic analyzer

That would depend on the network topology. Any global network monitoring will have to be done with access to a common point where all the traffic converges. Addressed traffic between workstations will go directly between them via any switches and gateways in the path, so you can't do this with just a workstation.

Read other 1 answers
RELEVANCY SCORE 81.6

I want to capture both local and network traffic for connections and disconnections unrelated to http
Capture filter "(tcp.RST || tcp.SYN) && tcp.Port != 80 && tcp.Port != 443"

I found that I can do one or the other, but when I add both below, I capture neither ???
>> What is the trick to capturing both ?
Thanks

Read other answers
RELEVANCY SCORE 81.6

My network seems to be slowing way down. I have basic networking knowledge and moderate Server knowledge. I, however, do not have very good analyzer skills.

Just like how we have an awsome sticky on RAID, I was wondering if we could have one on analyzing tools.

Personally I am looking for something either built into Server 2003, downloadable form Microsoft, or even free or expensive software that lets me monitor my network for traffic problems.

I am getting lots of users who are connected to a database on our server, and about every 5 minutes it looses the connection. I am trying to track the problem and don't know where to start.
 

Read other answers
RELEVANCY SCORE 66

Hi everyone!!!

I've been tasked with running message analyzer to determine if data is encrypted from an endpoint. We are using MBAM and want to ensure that any data sent to MBAM application server is encrypted. Now, we know it is via https, but, we still need to verify this
(for audit purposes).

Can anyone provide some insight as to how I could use microsoft message anaylzer (or perhaps something better) ?

We are planning to run a capture for 24 hours. We also want to ensure data is encrypted from app server to sql server. 



Thanks all! 

Read other answers
RELEVANCY SCORE 66

Hi guys,

I hope you guys could provide me with a few sites on

Traffic Generator Functions or Performance Analyzer

these are for networking, layer 1 and layer 2 switches
I cant seem to find any, so i hope you guys could help me out
thanks
 

Read other answers
RELEVANCY SCORE 66

I keep getting this alert despite the amount of resources that I add to my Gateway.  
Our DC and Gateway are running virtually in VMware.  Distributed Virtual Switches are not an option so I have to resort to configuring Promiscuous Port Group.  
I configured a Promiscuous Port Group on the same Virtual Switch that the DC (and the rest of our servers) is connected , and assigned it the same VLAN ID as the DC. 
ATA is capturing and reporting traffic but I continually receive an alert for some network traffic is not being analyzed.  I have thrown double the resources at our Gateway's
than what the sizing tool identified, and still receive this alert.  At this point I have 24GB of RAM and 10 Cores allocated to my Gateway which is only capturing reporting on 1 DC.  At this point I am about ready to scrap ATA because of how resource
intense it is.  
Any ideas or suggestions?  Does it sound like I have the Promiscuous Port Group configured correctly, or is it possible that I am capturing ALL traffic for the VLAN assigned?  

Read other answers
RELEVANCY SCORE 65.2

Hello,
I've used Message Analyzer in the past to decrypt HTTPS traffic after importing the certificate used by the web server and it was a tremendous improvement over Netmon & NMDecrypt.    I'm looking at a trace I took of LDAPS traffic (TCP.port==636)
and the traffic after the SSL handshake Message Analyzer is not decrypting the traffic.   

Is the decryption sub-routines in Message Analyzer only supposed to work with HTTPS traffic, or should we be expecting to see success on LDAPS traffic as well?
Thank you,
John

Read other answers
RELEVANCY SCORE 64.8

Is there a good network traffic/broadband monitor that actually keeps track of ALL (really ALL) traffic in a network?
I have used quite a few (eg, Ethereal, ntop, network probe) but all of them kinda keep track of only traffic that is coming in and out of the PC they are run from.

I need one that really tracks every single transaction that goes on in the network, including PCs talking to PCs, PCs talking to servers, servers talking to PCs, PCs talking to printers, etc.

Would help a great deal if they are FREE too!

Anyone know of any good ones?
 

A:Network traffic/bandwidth monitor that tracks GLOBAL network traffic

Hi.

You may find something here...

http://www.freewarehome.com/Internet/Networking/Network_Monitoring_t.html
 

Read other 2 answers
RELEVANCY SCORE 64.4

Hi,
Is is possible to monitor the DHCP server logs and traffic on a Windows 2012 R2 DHCP load balanced server using Message Analyzer?
Mike

Read other answers
RELEVANCY SCORE 64

Upgraded to Windows 10 today, and Message Analyzer no longer seems to be capturing traffic (build 4.0.7540.0).

Get-NetEventSession shows that there's a session running, but nothing shows up in the Message Analyzer window.
 

Read other answers
RELEVANCY SCORE 64

While I open my the ETL file captured in Windows 10, the PID/VID seems to be incorrect (compared to what I read in Network Monitor 3.4 and I plugged the devices myself, I know what's the right VID/PID).
I did discover there are some error messages in the log, and I only put two examples below,
10/28/2015 3:29:17 PM Error C:\Users\IBM_ADMIN\AppData\Local\Microsoft\MessageAnalyzer\OPNAndConfiguration\OpnForEtw\OpnForEtwProcess\TCPIPComponentExt.opn(173,45-173,62):  undeclared 'EventTemplate_130'
10/28/2015 3:29:17 PM Error C:\Users\IBM_ADMIN\AppData\Local\Microsoft\MessageAnalyzer\OPNAndConfiguration\OpnForEtw\OpnForEtwProcess\TCPIPComponentExt.opn(197,50-197,67):  undeclared 'EventTemplate_130'

Could you help me to understand what I should do to overcome it?

Read other answers
RELEVANCY SCORE 63.2

Hi!
Is there a way to look inside GRE tunnel traffic captured with Wireshark in Message Analyzer? I'm troubleshooting a scenario where I need to correlate event log entries from a server with network trace captured on by another person using ERSPAN protocol.
Thanks,
Ivan

Ivan Seriavin

Read other answers
RELEVANCY SCORE 60.8

Dear all,
it should be possible to
"Capture firewall discard Events - This feature allows you to discover how the firewall is affecting network traffic.  New messages tell you when traffic is blocked and associated IDs point to the specific firewall rule responsible
for dropping the message."
Source
Does anybody of you know a little bit more about how Message Analyzer has to be configured to show which rule blocks (in my case Outbound) traffic?
This would be a great improvement to the pfirewall.log, where this important information is missing...
Best regards

Peter

Read other answers
RELEVANCY SCORE 52

I come to you as a PC ignoramus in need of some expert advice with regards to a serious issue I am facing,
 
I have had hackers completely takeover my network and have not only taken control of all webtraffic from the network on all devices but also have installed some form of software which stops me from changing AV etc,
 
Only reason I noticed is I went TCPview (Will attach pictures) and noticed these connections, i have tried reinstalling and it only comes on as soon as I connect to the network.
 
Also, I have run Spyhunter and it is consistently coming up with large amounts of cookies threats
 
Namely 207, Sex -??,
 
Name: Media
Path: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies::ipinfo_13054458043766831
^
1stat.com
 
Severdyby and numerous others
 
 
I have no idea what to do and need your assistance, Its much appreciated BC members
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17239  BrowserJavaVersion: 10.67.2
Run by Owner at 17:43:06 on 2014-09-06
Microsoft Windows 7 Professional   6.1.7601.1.1252.61.1033.18.6098.3272 [GMT 10:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG update module *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.... Read more

A:Complete Network takeover - Whole network traffic hijacked + PCs Infected HELP!!

Anyone able to help me?
 
Would be much appreciated

Read other 3 answers
RELEVANCY SCORE 51.6

I'm not sure if I'm trying to do the impossible but I'll explain the situation.

I have this roommate that is excessively consuming the majority of the networks bandwidth. I've blocked all service ports except for 443, 80, and a few other ones used for every day task. The problem is that he is still consuming a ton of bandwidth, I'm guessing by streaming or downloading through HTTP.

I have *two* WGR614v10 router, and a Realtek PCIe LAN card controller at my disposal. I attempted to set QoS settings on what we will call Base Router. That did not seem to do the trick because router QoS only blocks ports and slows upload speed. Since that did not work I hid the SSID/MAC filtered connections to the Base Router and then connected my computer to the Base Router and rebroadcasted the signal using a Secondary Router using a shared connection, which I gave him access to. The point of this was an attempt to control bandwidth through the Realtek LAN card; I am not having any luck with this though. I've set the adapter to 10Mbps at half duplex already.

Does anyone have any suggestions on what I can look into for limiting bandwidth? I want him to have Internet but not abuse it like he's doing because that is not what we agreed upon.

A:How to limit network traffic speeds with a network card?

If you want to solve the issue using your existing equipment, you can try dd-wrt on one WGR614v10. See this thread (DD-WRT Forum :: View topic - WGR614v10 Support - Jump to post 9) which claims that there is a dd-wrt flash for WNR1000v3 which works on WGR614v10. Then look a thread like this (DD-WRT Forum :: View topic - Steps for Permanently limit Bandwidth of a PC using DD-WRT ?) to setup the limits. You can start a new thread in those forums if you want someone to walk you thru the steps.

Or you can just buy a router/access point that has a bandwidth limiting feature for each SSID that it broadcasts.

Read other 2 answers
RELEVANCY SCORE 51.6

I am wondering how I can use the above app on my i phone, but also in my home to make sure my wifi is operating correctly? I also would like to know if there might be a user-friendly version of how-to with this so-called app? Last night I ran a LAN scan on the app and found a couple IP addresses I didn't recognize. I appreciate everyone's help!
 

Read other answers
RELEVANCY SCORE 51.6

Ethereal: A Network Protocol Analyzer

Above is a link to ethereal. It is an excellent tool to analyze the packets sent and received by your machine. It is very interesting to look at and extremely helpful to diagnosis of problems in general.

There is a slight learning curve for how to use it well. But if you are of the type that would be interested in this kind of thing, I trust you are also of the type that can use it well.

For instance, you can see all the traffic on your local lan and what your computers are saying to each other. You can see how your router calls out to your machines to ensure they are still on the network. Lots of other cool things.

You can see when you start up certain software that they are trying to "call home" which many people find they do not like at all.

Play around with it some and you may be glad you have a new tool at your disposal. You could use it to capture all packets sent and received, for many different purposes, from any specific adapter. Perhaps you want to see what your computers are doing while you away or while another is using? Alright, that's a little shady though, heh heh.

Enjoy!

A:Network analyzer and why you may want

The Product Formerly Known As Ethereal is now called "Wireshark".

Wireshark :: Go deep.

Read other 5 answers
RELEVANCY SCORE 50.4

Any recommendation for a Network Bandwidth analyzer? I would like to find out who's using up all of the bandwidth in our network, from internet radio to gaming.
 

A:Network Bandwidth Analyzer or Logging

You can download wireshark. It is probably the best freeware network traffic analyzer.I

t will analyze all network traffic and the captured data can be filtered. It is fairly straightforward. Once you have got the hang, take a look around the options and you can graph captured traffic by endpoint IP, mac or by protocol, as well as top talkers. There are loads of tutorials freely available.

Wireshark has an impact on the network performance so it is best to choose a time when everyone is online and grab short captures - <5 minutes at intervals over a peak traffic hour. Don't leave it running indefinitely as the capture files get huge.
 

Read other 2 answers
RELEVANCY SCORE 50

Message Analyzer seems to have no print/export as CSV/TSV. 
Log parser 2.2 doesn't seem to understand .matp formats. 2.2 seems to be the latest version.
logparser -i:netmon "SELECT * INTO test.csv from test.matp
says "not recognized as a valid NetMon capture file"

Are there other tools? I'm surprised this is not a common request. 

Message Analyzer can export as .cap files, but these particular traces either export badly or the traffic is something that wireshark doesn't handle. MessageAnalyzer shows it as fairly standard TCP traffic, albeit to/from IPV4-loopback, which is the correct
"NIC".

Read other answers
RELEVANCY SCORE 50

Hi,

I followed instructions in the 'Before posting HJT logfile' and am ready to go. Tried unsuccessfully by myself, now I'm asking for help. I was close to just reformatting since I figured I was due anyway....but would rather rid myself of this nasty little trojan who keeps coming back.

Thanks in advance....


P.S. This logfile is from HJT Analyzer


Log was analyzed using KRC HijackThis Analyzer - Updated on 8/4/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

... Read more

A:HJT Analyzer log, have ABI Network/Nail.exe MALWARE. any help appreciated

Hi and Welcome to TSF

Before attacking an adware/spyware problem with hijackthis make sure you have already run the following tools. Download and update the databases on each program before running. Ad-Aware? SE Personal Edition
Spybot Search & Destroy
CWShredder

Also make sure you are using the the latest version (1.99.1) of HijackThis and it's installed in it's own folder on the root drive. (C:\HJT)

Go to My Computer->Tools->Folder Options->View tab and make sure that Show hidden files and folders is enabled. Also make sure that the System Files and Folders are showing/visible.
Please make sure system restore is enabled by right clicking on My Computer and go to Properties->System Restore and check the box for Turn OFF System Restore and make sure it?s NOT checked. We want system restore ON and monitoring your current hard drive. Once your clean we will turn this off and then back on to remove the infection from the restore folder and create a clean restore point.

Download and install CleanUp! but do not run it yet.

*NOTE* Cleanup deletes EVERYTHING out of temp/temporary folders and does not make backups.

Download, install, and update Ewido Security SuiteInstall ewido security suite
Launch ewido, there should be a big E icon on your desktop, double-click it.
The program will prompt you to update click the OK button
The program will now go to the main screen
You will need to update ewido to the latest definition files.On the left hand s... Read more

Read other 11 answers
RELEVANCY SCORE 49.2

Our network keeps experiencing intermittent outages throughout the office. When we go to particular websites, it times out when it used pull up the browser successfully. Other times, Office365 downloads are restricted to the point where I have to switch to our public network to download the Office365 software suite. It's not restricted to our internal LAN. However, this issue also pops up with the internal WLAN as well. From what I can tell, this issue started around the time our MSP installed their antivirus and anti-malware on all the machines including the servers. They also turned on the content filtering to restrict malware. Another thing is our office has maxed out on the voltage, I'm not sure if that's related to this issue. I thought I'd mention it.

Does anyone know of any network analyzing tools that are simple to use and will help me pinpoint the cause of the slow performance without an extended learning curve?

So far I'm looking at:

wireshark
total network monitor
prtg network monitor
caspa free
LAN sweeper
manage engine netflow analyze
the dude
solarwinds netflow traffic analyzer

Thanks in advance
 

A:Network Analyzer to spot Bottlenecks and Internet Outages

I've used Wireshark before and possibly Solarwinds. I haven't used any of the others, so I can't comment on them.

Based on what I've seen from the programs I've used, even with the simplest network analyzer, you are still going to need to have a good understanding of networking. Otherwise, the tool won't be able to help you. This will require you to have the knowledge to analyze these packets yourself. The software will capture them, but it's still just a tool to aid you.

It can't hurt to try a free program (such as Wireshark), create a capture of when the network is running slow, and then analyze the capture yourself. If you can't find anything that would suggest an issue, you can always upload the capture to this site or any other site and have other people help you analyze it.
 

Read other 2 answers
RELEVANCY SCORE 49.2

My application does not have any network-like implementation except FlexNet Publisher for licensing. I expect it should connect only to license server.

When I use Microsoft Network Monitor then it shows only connections from/to my application and license server.

When I use Microsoft Message Analyzer then it shows enormous additional traffic for my application which I cannot explain. For example many events' source and destination do not match my local machine (BRWS/DNS/UDP modules), so it seems that my application
is kind of proxy (?) for them. Can anyone give some hints how to interpret Message Analyzer data, please?

Read other answers
RELEVANCY SCORE 49.2

Can anyone walk me through trying to fix my networking issue? Is that allowed in this section?

If so, I've got a computer connected to our network, and it's able to access all the other computers on the network, but trying to access it from the server and I get nothing. Even trying to ping it from the command prompt it times out. However, pinging the server from the computer it kicks back immediately. It's not a firewall issue because I've turned it off and still cannot connect to it from the server. I recently had to remove some scareware from this computer, and that's when the networking issue started.

Any ideas?
 

A:One-way traffic on a network

*ping*

Anyone?

ICMP enabled, DHCP enabled, firewall off. Nothing doing. Workstation sees everything on the network and can access shared folders and ping all other workstations. But the rest of the workstations and the server "see" the troubled workstation, but cannot contact it.
 

Read other 18 answers
RELEVANCY SCORE 49.2

I have about 300 computers on my network and want to isolate a department. That department is generating to much traffic. I don't know if I should use a bridge,Ethernet switch or create a workgroup for them. I still need the deparment to be on the same network.

Thank You,

julia
 

A:Traffic on the Network

A workgroup won't really help with router traffic. It's just a logical arrangement for the computers.

I don't honestly know enough to say whether a bridge would be better, but I would think a switch would be more cost effective.

Hopefully someone with a bit more knowledge about this will reply soon.
 

Read other 2 answers
RELEVANCY SCORE 49.2

I use NetMeter to monitor in and outbound traffic to my computer, and starting a coupple of months ago, every once and a while, a series of a thousand or so 2.25 to 3Mb/s upload spikes start, amounting for almost 1Gb per day!!!!!

the spikes occur every 20 seconds, like clockwork.

i'll post a screenshot from netmeter next time it happens.

the odd thing is, no antivirus i've tried has found anything! same goes for antispyware!

whenever i start deleteing processes from the process list, it stops, then comes back after a coupple of minutes! also, if i am running on wifi, plug in my network cable, wait for it to connect, and disable wifi, the pulses subside for a bit, then come back!

i'm concerned because of the incredible ammount of data involved, and, it seems to have been increasing iver the past month.

Luckily, all the important data on my machine is encrypted, but, if the spikes are a data transfer, encryption won't mean $#!7.

any ideas?
screenshot comming soon.
 

A:Odd network traffic

Read other 8 answers
RELEVANCY SCORE 49.2

Hello,

I have a LAN of about 10 computers and we conect to internet via a switch. I want a software to monitor which computer consumes internet speed

A:Network traffic

Would resmon not do the trick?

Read other 1 answers
RELEVANCY SCORE 49.2

Dear All,

I want to monitor my network traffic. Which tool I will have to use for that and how to monitor network traffic. Please help me everyone because this is very important question which I will have to face in interview.

Thanks in advance
 

A:Network Traffic

http://www.wireshark.org/
 

Read other 2 answers
RELEVANCY SCORE 48.8

Hi,

I have a client with a small workgroup network. There are 6 workstations all running Windows 98 SE, and they are using a PC running Windows XP as a file server.

They have a problem with a certain piece of software sticking at random intervals, it will stop responding for a certain amount of time, sometimes a few seconds and other times 10 minutes and then it will suddenly free up and start working again, there is no pattern to it and I cant find any way of replicating the problem. As far as I can tell its down to network bandwidth being eaten up by something on the network but would like to run some software to prove this correct, and obviously determain which machine is using all the bandwidth.

I would like to put some software on there network to monitor the amount of traffic being produced across the network by each workstation, and was wondering if anybody had any recomendations?

Thanks,

Dan
 

A:Network Traffic Monitoring

What kind of software is this?
Is it server based and accessed by the clients?
standalone installed only on the client PC's?
Does it utlize network resources when it is run?

But to answer your question, you can try ethereal (ethereal.com) a very good tool.
 

Read other 2 answers
RELEVANCY SCORE 48.8

We start using Microsoft ATA within our environment, but the following events keep popping up;
Gateway, DCx, is receiving more network traffic than it can process. A portion of the network traffic is not analyzed.
We disabled the offload settings on our NICs on both the DC's and the ATA Server.
The DC's and the ATA Server are both running Server 2016 and we are using the lightweight client.
The output of the sizing tool:

The DC Specs;
DC1; Physical 40CPU, 32GB
DC2; Hyper-V, 16CPU, 32GB
DC3; Physical, 20CPU, 32GB
DC4; Hyper-V, 16CPU, 32GB
The ATA Server Specs;
ATACENTER; Hyper-V, 16CPU, 48GB
Especially DC1 generates lot's of this notifications.

Read other answers
RELEVANCY SCORE 48.8

Hello all.
 
I have a 50 user network with multiple switches and WAPs.  Im noticing that all the activity lights on all ports are constantly showing traffic.  I would imagine that one of my computers is doing some sort of port blasting or spaming.  How do I go about finding that computer?
 
Thank you,
 
Scott

A:Excessive Network Traffic

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/507604 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

Read other 2 answers
RELEVANCY SCORE 48.8

Hi, does anybody know a tool to manually generate network traffic and to save that traffic into a .pcap file?
 

A:Network Traffic generator

Read other 8 answers
RELEVANCY SCORE 48.8

Hi,

I am a network administrator of a Software Company
and using Symentec Corporate Edition 2000.
It is updated on regural basis for every nodes on our
network and our network consists with one Cisco PIX
Firewall which is connected with Cisco switch and all
the computers are connected with the cisco switch.
Every Nodes on our network using PIX internal IP
Address i.e. 192.168.0.2 as a Getway and accessing
broadband(256 KBps) internet, no Proxy is installed
over here.

Now the problem, that we are facing for last two days
are when more number of PCs are starting on LAN, the
packet broabcusting is increasing upto 900KBps which
is showing on firewall inside interface traffic
monitoring software and internet access speed is
becoming slow.

After Scaning all the machine no Virus or Spyware or
worm is being detected.

please help me by proper susession.

Regards,
 

A:Network traffic problem

you may also want to use network monitor to find the problem.

here is the case study we had. quoted from http://www.howtonetworking.com/casestudy/spywareblockinternet1.htm

Case Study - Trojan and spyware block accessing the Internet

Situation: Small Company has a Linksys router connecting to the Internet. In the early morning, accessing to the Internet seems to work fine. After half hour or one hour, accessing to the Internet is slow and slower. Eventually, no one in the office can access the Internet. The temporary solution is reset the router or reboot all computers.

Investigation: 1. We checked and tested all hardware connections such as NIC and cabling. They are OK and they donít have any issues to share files and printers.

2. TCP/IP configuration looks good too. Used nslookup to check the status of DNS and it looked good.

3. Network Monitor and the log of the router listed a lot of packets sent to the router.

Resolution: Based on the Network Monitor and log, we found the problem computer with many Trojan and spyware. After we cleaned the computer and install a firewall, they donít have the same issue any more. A happy ending!

Related Topics

Troubleshooting Internet Access
Troubleshooting Spyware
 

Read other 3 answers
RELEVANCY SCORE 48.8

can anybody plz tell what software is realy good to analyse network traffic.

my requirements are

I have a big network lots of user a connected but sometimes some of the users chatting, downlading big big files so the network becomes very slow.that i want to inspect the traffic that which user is using the net for that activity etc etc

plz update me asap
 

A:network traffic analising

Depending on where you put the program, Ethereal analyzes network traffic.

Also a proxy server should kill most of the problems.
 

Read other 3 answers
RELEVANCY SCORE 48.8

While I'm playing Battlefield 2, I get a warning of a connection problem. This lasts about 4 seconds, then again about 3 seconds after that. This used to happen once every half hour or so, but its become much more frequent, to the point where the game is unplayable.

I have a network meter gadget on the desktop and I've noticed a spike in traffic at about the same intervals. At first, I thought it was Skype or Avast to blame, but I can count them out after stopping each one.

I need some way to log which program accesses the network at what time, so I can compare the spikes to the correct time and hopefully find the program responsible. Is this possible?

A:Can network traffic be logged?

Here are a couple possibilities. I have used both with Windows XP Pro but tested neither with Windows 7.

Wireshark will log all packets, which will allow you to analyze what sites the traffic is to and examine the packets themselves to whatever depth you care to look. I've seen references to running this on Win 7, even 64-bit.

The SAX2 Intrusion Detection System is perhaps a simpler approach; it will show you the connections that are open and the number of packets sent to each connection. Vista is listed as a supported OS but I've seen no mention of Windows 7.

Read other 1 answers
RELEVANCY SCORE 48.8

I have 10 Windows XP Clients, 1 Windows 2000 Advanced Server configured as a domain controller, 1 Windows 2000 Advanced Server with SQL Server 7.0 installed and 1 Windows 2000 Workstation.

Here is the problem:

When the Win2000 workstation logs on in the morning and gets into the system, everyone else slows to almost a complete stop. If I unplug the Domain Controller after she logs on, everyone else speeds back up. If the domain controller is not plugged in the win2000 workstation can't log on. This is a serious problem and I can't figure out why the network would slow. My Domain Controller is the only machine with a 10 MBPS ethernet card. The SQL server sits outside the domain in a workgroup.

My boss is really pissed off because this has been going on for weeks now.

Please Help,

Thanks,

Stiltz
 

A:Network traffic problem

Read other 10 answers
RELEVANCY SCORE 48.8

Hello,
I am having problems printing. I need to capture the traffic from the workstation across the network, to the printer. I believe the problem is actually with the printer itself (such as the nic card, or the system board) but I would like to have some to show the tech from the printer company as they have tried to blame it on our network in the past.

I assume what I need is a sniffer, but if there is one out there a little more user friendly then another that would help.

Thanks in advance
damon
 

A:Capture network traffic

I use WireShark as a protocol sniffer.
 

Read other 1 answers
RELEVANCY SCORE 48.8

Hello, so we have Comcast internet and have recently been hit with a Data cap of 1 TB per month. Anyways we have never come close to 1 TB, 615 GB at most which even that I think is high for only really 2 people that use the internet in the household while 3 people use the internet one of them uses it rarely and does no Netflix or youtube or anything of the sort. Anyways this month Comcast's data meter claims we've used over 110% of our data and show us at like 1140+ some GB's used already which for 2 people and sometimes 3 is really not accurate in my opinion even though they claim it's accurate. So even though we've never gone over before and never even come close to our cap this month it's showing and telling us we have/our. So to get to the point I want to know if there is a good way for me to monitor and easily see what's on my network and what's using all the bandwidth that Comcast is claiming I we are using so I can compare it vs there own meter which I feel is very inaccurate and if not then see if something happened that for some reason caused this huge spike in data usage. I have called them but they were no real help and just kept explaining/asking me if I know we have a cap and or if I know that playing video games or watching Netflix uses data which I do I mean I am not stupid, I even used Comcast's own data usage thing where I inputted how many hours of streaming video a day or video game playing. Anyways I set that to... Read more

Read other answers
RELEVANCY SCORE 48.8

I have a computer that is experiencing much higher than expected network activity. Over the course of a 6 hour period, it received 1.7 GB of data and sent 300 GB; this is actually a mild sample of the last months issues. We have had the computer use as much as two gigs in an hour. It will use data whether people are working on it or not, as long as the computer is powered on.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by lks (administrator) on HANDSINHARMONY (30-03-2016 08:29:38)
Running from C:\Users\lks\Desktop
Loaded Profiles: lks & QBDataServiceUser22 (Available Profiles: lks & Lara & QBDataServiceUser22 & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Webroot Software, Inc. ) C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ArcSoft Inc.)... Read more

A:Tons of network traffic...

to BleepingComputer.Hi there,my name is Jo and I will help you with your computer problems.Please follow these guidelines:Read and follow the instructions in the sequence they are posted.print or copy & save instructions.back up all your private data / music / important files on another (external) drive before using our tools.Do not install / uninstall any applications, unless otherwise instructed.Use only that tools you have been instructed to use.Copy and Paste the log files inside your post, unless otherwise instructed.Ask for clarification, if you have any questions. Stay with this topic til you get the all clean post.My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.*** Download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.Vista / Windows 7/8 users right-click and select Run As Administrator.A Notepad document should open automatically called checkup.txt; please post the contents of that document.*** Please download Malwarebytes Anti-Rootkit and save it to your desktop.Be sure to print out and follow the instructions provided on that same page.Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.Double click on downloaded file. OK self extracting prompt.MBAR will start. Click in the introduction screen "next"... Read more

Read other 3 answers
RELEVANCY SCORE 48.8

I am going to be using a lot of unsecured wifi, and need to tunnel all my network traffic using SSH to a computer at my house. Does anyone know how to do this? I have read some guides, but they talk about only internet explorer and not everything I am sending out, including pings and DNS requests. Any help would be great.

Read other answers
RELEVANCY SCORE 48.8

I've got a client who has his office in his home. Unfortunately, his two teenaged sons are also on the network with their own PC's. Last month there was over 200 GB's of traffic through the ISP. I've gone through the business end of the network and haven't found any viruses or spyware (due dilligence) and I know its those two little *$#^. Of course, the owner thinks the kids are the best thing since sliced bread, so he's pointing the finger at me. Soooo...I need to not only capture packets as they route through the server, but I need to determine the nature of the packets either via protocol or better yet application, and it would be nice to determine the IP they're coming from. I'm sure they're doing extensive file sharing, but other than getting onto their PC's I can't prove it.
Can someone suggest an app that can provide this kind of detail? I've tried Ethereal but I either dont' understand the logs or they simply don't provide the info I need.

Thanks!
 

A:Determining network traffic on LAN

I remember seeing hardware that does this for you, I forget the name of it but I'll look around.
 

Read other 3 answers
RELEVANCY SCORE 48.8

Is there a way I can measure the bits/second going into/out of a given network port number - such as 9090? I need to separate the rate of network traffic going through port 9090 vs other ports (such as port 80, for example). 

Is there a program that will provide that information?

Read other answers
RELEVANCY SCORE 48.8

I have a DI 804 Router
I had 2 computers connected to it
This morning i just connected a third one to it

And well, i notice that my ping is higher now in games

200 before

Around maybe 230 to 300 now

How can i fix this problem?
 

A:Network traffic? Lagging!

Let's move you to networking for better assistance.
 

Read other 1 answers
RELEVANCY SCORE 48.8

Hey guys I have an issue that im not sure is an issue but im pretty sure it is as my other pc isnt doing it. My computer constantly is sending and receiving data. even though im not downloading anything. or updating or am on any instant messenger, nothing is running that should need internet yet, constantly there is traffic.

Now I normally prolly wouldnt think much of it but i have another computer in the same state just sitting there doing nothing. So that worries me. Ive run AVG, Mcafee, Spybot and adaware and all of them turned up nothing (other than the usual like tracking cookies annd the sort). Anyone have any suggestions on what I could run next to try and resolve this please Thanks. Rlincoln24

Additionally if anyone knows of a tool that will allow me to monitor my network connection and see waht is using it where data is going and what not id appreciate it thanks.

A:Constant Network Traffic

Look in the Task Manager and see what applications and processes are running.

Read other 8 answers
RELEVANCY SCORE 48.8

I have a port replicator 3001RP  and noticed that when connecting ethernet, it will constantly send ICMP and SNMP to my Default Gateway, is this normal behavior? It's really chatty, do anyone know if is possible to disable this behaviour. \Mattias

Read other answers
RELEVANCY SCORE 48.8

Hi Everyone and thank you for taking a look.

I work on a road project in a rural area here in SL and we have very limited internet connectivity in my office of just 120gb package per month.

but here other employees are using this to download torrents and they have already eaten up 70gb on this month's package. so my bosses are asking me to control the traffic.

so heres the situation, we have setup a network using dhcp and this router (Tplink TD-W8950ND) doent have QOS settings to block incoming ports but to block outgoing traffic from ports(I really hope of blocking p2p ports, thats why I mentioned about port blocking).
I have a computer with administrative rights connected to the router directly and some of those other computers are connected as well with administrative rights. so we cant disconnect them by force as it would cost some complications.

so in short, what I wanna do is to block all the incoming p2p traffic on the network so we may save some bandwidth and data for office use. how can I do this on this situation?
(note: ipcop or anything requires to use a whole separate computer to setup a firewall or something like that isn't an option here. )
Thank You very much and any help is greatly appreciated

A:Blocking p2p traffic on network

Hi,

There is no fool-proof way to block all P2P traffic on a network with non-enterprise equipment, particularly brands like TPLINK.

The problem with P2P programs is they can change the ports they use. Additionally, if your router supports uPNP (and most do), ports can be forwarded via upnp. Some p2p programs can randomise their port too.

Some of the methods you can use to reduce the P2P traffic are:

1). Use OpenDNS and select the P2P/File sharing category.
2). Block known P2P ports.
3). Grab a higher end router
4). Set up packet filtering rules for specific machines (by IP or MAC address)
5). Use a proxy server.
6). Install a third party firewall (such as PIX or Kerio), for blocking some conent.

This list is by no means exhaustive.

for (4) above: At the risk of being too technical, with packet filtering you will get a good level of control. You could open only those ports needed for business use (such as 80, 443, 21, 25, 110), and use a "Implicit Deny" which means that everything else is blocked. But as I said, this is a fairly technical solution. If you're not familiar with packet filtering you'll need to find someone who is.

Here is a site that gives a little info on common port usage:
Common Application Ports - Bandwidth Controller

This may also be of use, but it is quite technical.
TCP/IP Ports

I'd be creating a formal policy on Internet usage at work, and have strong consequences of inappropriate use. Ultimately, that might have more success... Read more

Read other 2 answers
RELEVANCY SCORE 48.8

I know this sounds funny but my network has been running really slow since we installed the DST patches. I thought it was Mcafee but have taken it completely out of the picture and its still really slow. Did a virus check & spyware and got nothing. Even when I print something it takes 2 minutes to finally print.
 

A:Network traffic is slow

What are the system specifications? Computer, RAM, Windows....etc.

Do you have an active anti-virus now? What is running when you look at the processes in the task manager....can you attach a screen shot?
 

Read other 3 answers