| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 35355 | 2003-07-09 22:37:00 | high JS traffic on network - no reason... | falvrez (390) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 158647 | 2003-07-11 06:41:00 | i understand the name thing but still do not know what it is..... what it does, etc on what prog? or whole puter ? newbie here humour me...... beetle |
beetle (243) | ||
| 158648 | 2003-07-11 13:21:00 | Hi Beetle, You can check out this Microsoft Knowledge Database article (msdn.microsoft.com) that gives a short answer to your question. If this just whets your apetite for more a search at Microsoft will give you quite a few articles and alerts. HTH |
Gorela (901) | ||
| 158649 | 2003-07-11 21:50:00 | I appreciate the suggestions re updates but as mentioned before, they are disabled on any of the machines that are capable of this. On a side note, I shut down all the workstations yesterday for one hour and left the server on, and then later went and checked the telecom usage meter to see if the traffic had stopped for that hour. Problem was that the usage meter is so fickle that it decided that it would include that period of one hour in the previous and following hours - so I got a report of 90megs for 3 hours, which leaves me none the wiser if it's aworkstation or not...talk about frustration! Went home last night after a week of this and no real answers... |
falvrez (390) | ||
| 158650 | 2003-07-12 11:04:00 | Here's a suggestion: Leave a port scanner to go over the local IP range and see if there are any uncommonly open ports on some. Otherwise you might set up your router (if u can) to block all ports bar 80,21 (mabye some others) and log all other hits, check the logs after about an hour and see if any ports have been hammered and where they come from. Compare with net usage over that hour and if its still high, and no logs, you now know that its using one of 80,21 etc. Can you set individual rules and check counters on them with your router? |
Patryn999 (3748) | ||
| 158651 | 2003-07-12 11:33:00 | would a packet sniffer help, i tink you can find them on the web somewhere try google | beama (111) | ||
| 158652 | 2003-07-13 04:05:00 | Thats an idea too. Sniff all the packets for about 1/2 an hour and arrange by IP's and just look to see if any 1 person is the culprit. | Patryn999 (3748) | ||
| 158653 | 2003-07-13 04:19:00 | ethereal is popular; I use tcpdump in Linux . If you search on this site for "tcpdump ethereal" you'll probably find most oif the threads we have had on this . But do have a look at some of the security links I mentioned in my previous posting . I believe W2k is a bit complicated, and there are a lot of places which are susceptible to bad things . :-( |
Graham L (2) | ||
| 1 2 3 | |||||