Excessive XP Packet Activity

One of my machines is registering an excessive amount of packets being sent. I have a bunch of XP/2000 machines networked as I'm studying for 70-210. They all seem to work fine and can all communicate well. One machine, which is my main machine, I happened to check the other day and the packets sent read around 500 billion. I rebooted and it picked up where it left off. Right from a clean reboot it started reading about 500 billion packets sent. I left the machine overnight and in the morning it read over one trillion packets sent. Rebooting brought it back to about 600 billion. I thought rebooting would pretty much set it back to near zero, as it does that on all other machines. To test, when I would go out to a web site and watch the packets sent and received, the sent packets would jump a couple of billion instead of 10 or 20 when I would just go to a site. The received packets seem normal; a couple of thousand. There's not much in the startup but Zone Alarm, Nortons, a pop-up stopper and some printer drivers. Even if I were to stop all the programs from starting I don't think that would affect the packets already sent. If I check processes running in Task Manager all that shows is Idle and Task Manager with normal percentages, with the CPU usage around 0-7%. The activity light on the machine doesn't indicate that it's churning out packets either. The NIC is an integrated Intel Pro/100 on a Gigabyte MB. All machines are connected through a Linksys router into a cable connection. Any and all help appreciated.
Scan for trojans.

Maybe use SpyBot or Ad-Aware.


Run a protocol analyzer such as Ethereal (it's free: http://www.ethereal.com/) to see what type of traffic it is, e.g. broadcasts due to a faulty NIC, etc.

Check against trojans and spyware as Netman suggested.

While traffic is being generated you can run netstat -an from the command prompt and see where and if there is any connection being established.

Are you running anything like Kazaa or Morpheus?

While in Task Manager compare what processes are running. Here are some links to get you familiar with those processes:


dcpinger (Author) commented:
I run Norton's automatically and scan weekly and it always comes up clean. Ran Ad-Aware and found a few basics like double-click, but removing them had no effect. I only run Kazaa on one of the other machines dedicated to downloading questionable stuff. Running netstat shows that all TCP ports are just listening, which I believe means there is no activity. I downloaded Ethereal but need a few free minutes to read over how it works. I'm beginning to feel grind crushers comment about it just being a faulty NIC may be right. When the machine is on for just a few hours the packets sent will go to 1.5-2.0 trillion. That seems impossible without taking a performance hit and the machine, otherwise, seems like it's running normally.
dcpinger (Author) commented:
Bad NIC! Swapped it and it works fine. Thanks for pointing me in the right direction.
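
Added example, not part of the original thread: a small triage script for the two checks discussed above, testing whether a "packets sent" counter is physically possible on the link and listing any TCP rows in netstat -an output that are not just LISTENING. The 100 Mbit/s link speed, the 8-hour "overnight" figure and the sample netstat text are assumptions constructed for illustration.

```python
# Added example: all inputs below are constructed, not data from the thread.
LINK_BPS = 100_000_000                   # assumed: Fast Ethernet, 100 Mbit/s
MIN_FRAME_WIRE_BITS = (64 + 8 + 12) * 8  # min frame + preamble + inter-frame gap

def max_packets(seconds, link_bps=LINK_BPS):
    """Most frames the link could physically send in `seconds`."""
    return (link_bps // MIN_FRAME_WIRE_BITS) * seconds

def counter_is_plausible(packets_sent, uptime_seconds, link_bps=LINK_BPS):
    """False when the counter claims more packets than line rate allows."""
    return packets_sent <= max_packets(uptime_seconds, link_bps)

def active_tcp(netstat_text):
    """Return (local, remote, state) for TCP rows that are not LISTENING."""
    rows = []
    for line in netstat_text.splitlines():
        f = line.split()
        # Windows TCP rows have 4 columns; headers and UDP rows do not match.
        if len(f) == 4 and f[0].upper() == "TCP" and f[3].upper() != "LISTENING":
            rows.append((f[1], f[2], f[3]))
    return rows

def triage(packets_sent, uptime_seconds, netstat_text):
    """Combine both checks into one short verdict string."""
    if not counter_is_plausible(packets_sent, uptime_seconds):
        return "counter exceeds line rate: suspect NIC/driver, confirm with a capture"
    conns = active_tcp(netstat_text)
    if conns:
        return "review %d active connection(s)" % len(conns)
    return "nothing unusual"

# Constructed sample resembling `netstat -an` with every TCP port only listening.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  UDP    0.0.0.0:445            *:*
"""

if __name__ == "__main__":
    overnight = 8 * 3600  # assumed uptime in seconds
    print("line-rate ceiling overnight:", max_packets(overnight))
    print(triage(10**12, overnight, SAMPLE_NETSTAT))
```

A counter above the line-rate ceiling cannot reflect real traffic, so the reading itself is what needs explaining; a packet capture is still the way to confirm what is actually on the wire.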
