?
Solved

translate captures packets, too Many packets sent

Posted on 2004-04-02
4
Medium Priority
?
233 Views
Last Modified: 2013-12-07
So i got this home network with 4 computers on a switch to a router to a cable modem. One of the computers reads a ridiculous amount of packets sent if you leave it on too long. 21 billion packets sent to 5 thousand received.... So I downloaded ethereal and captured the packets, not really understanding them I need help deciphiring my problem.

What the captured packets boil down to are lots of  NBNS protocol , Refreshes for MSHOME or the computers current name or the user thats logged on (Windows XP), originating from the computer to the DNS server

I've run norton antivirus with the newest update and programs to find adware havent located anything either. Here is a sample

Heres an example packet (I havent figured out how to save as a text file or i would paste the whole thing in here...)

Frame 1 (110 bytes on wire, 110 bytes captured)
Ethernet II, Src: 00:02:a5:a0:3c:6f, Dst: 00:0c:41:ba:c8:5e
Internet Protocol, Src Addr: 192.168.0.101 (192.168.0.101), Dst Addr: 200.212.223.100 (200.212.223.100)
User Datagram Protocol, Src Port: netbios-ns (137), Dst Port: netbios-ns (137)
NetBIOS Name Service


Any Ideas? If any other information is required, let me know.

Thanx for any help.
0
Comment
Question by:roger_karam
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 51

Expert Comment

by:Netman66
ID: 10745696
Hi roger_karam,

Check very carefully the subnet mask and gateway settings on that machine.  It looks to me like the PC is trying to figure out what network it's on.

Barring that, try replacing the NIC - this allows looks like "beaconing".

Regards,

Netman66, MCSE, MCT
Microsoft MVP Team
0
 
LVL 5

Author Comment

by:roger_karam
ID: 10761549
hey netman.

thanx for the response, the thing is that all settings are DHCP and none of the other computers seem to be presenting this problem... could it be that the workgroup is different then the others ? its set at mshome... im changing it now, i'll let you know how that goes.

pardon my ignorance, "beaconing"?

thanx,

RK
0
 
LVL 5

Author Comment

by:roger_karam
ID: 10774964
I tried switching the workgroup but that didnt do much, still getting ridiculous amount of packets sent...  

The address its using is the usual 192.*.*.* with a 255.255.255.0 mask, so i really dont know whats going on. The gateway is set to the router and that doesnt seem to be presenting a problem....

Any clues as to what could be happening?
0
 
LVL 51

Accepted Solution

by:
Netman66 earned 435 total points
ID: 10795040
Try running these:

Adaware - www.lavasoftusa.com

Spybot Search and Destroy - http://download.com.com/3000-2144-10194058.html?tag=lst-0-1

And run an online scan here - www.pestpatrol.com

With PestPatrol you won't be able to repair unless you buy it - I run it at home and am pleased.

Advise.
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question