Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Wanet Telecoms Ltd on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Urgent Problem 1

Status
Not open for further replies.
shannanl

shannanl

IS-IT--Management
Apr 24, 2003
1,071
US
Over the last couple of weeks we have been getting packet storms that flood the switches. I downloaded ethereal to see what was happening. So far this morning it has happened twice.

The first time it showed UDP packets and the source was 192.168.0.82 (the administrators laptop), the destination 192.168.0.255.

The second time it showed ICMP packets and the source was 192.168.0.4 (one of the file servers), the destination was 192.168.0.255.

We use 192.168.0.XXX as our static i.p. scheme. What is doing this? Is something spoofing the i.p. addresses?

Thanks in advance,

Shannan
 
Sort by date Sort by votes
When the final octet is 255, that means those machines are broadcasting. I would guess you have a virus or spyware on those machines.

There might be something spoofing internally. Ethereal should give you the MAC address of the source machine which should help you determine if that traffic is originating from the specified machine.
 
Upvote 0 Downvote
Thanks for the help. I will find that sucker!!

Shannan
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ravalos
  • Locked
  • Question
Problem with PDFs in IIS
Replies
1
Views
1K
gbaughma
gbaughma
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
980
suncit
suncit
lacked
  • Locked
  • Question
problem with windows update on windows server 2016
Replies
1
Views
310
maybeimaleo
maybeimaleo
MoJHK
  • Locked
  • Question
ESXI server upload problem
Replies
3
Views
312
hairlessupportmonkey
hairlessupportmonkey
axilleas
  • Locked
  • Question
Windows 2012 R2 Active directory problem after applying GPO
Replies
7
Views
508
technome
technome

Part and Inventory Search

Sponsor

Back
Top