• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 341
  • Last Modified:

Traffic causing network problems

We have twice in the past week seen this traffic that appears to be coming from outside our network at first glance to one of our DSL customers.

9      IP-      IP-            64      19:04:26.199174      HTTPS      Src=  443,Dst= 2198
10      IP-      IP-            64      19:04:26.214186      HTTPS      Src=  443,Dst= 2198
11      IP-      IP-            64      19:04:26.244356      HTTPS      Src=  443,Dst= 2198
12      IP-      IP-            64      19:04:26.256164      HTTPS      Src=  443,Dst= 2198
13      IP-      IP-            64      19:04:26.268733      HTTPS      Src=  443,Dst= 2198

While this traffic is present other customers on this network can no longer access the Internet nor can they renew or receive an IP address from our dhcp server.

The 66 address resolves to marketscore.com. Anyone seen this before? One item that comes to mind is that I placed a ACL in our edge router to block all traffic from this particular address with no results. That makes me think the traffic may not have been actually coming from outside. It's currently not happening but if it does again I'll be better able to identify if it in in fact coming from outside.

1 Solution
hmmmm.... marketscore is a proxy that routes all internet traffic through their servers.  block all inbound and outbound to those ips and tell your user to uninstall it.  they also log all that user's web traffic.

Is there any traffic the other direction? It would seem that this traffic is return traffic since it's ssl to a high-numbered port. Or... it's spoofed traffic that's causing your customer a DOS because it doesn't know what to do with these packets?
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now