• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 214
  • Last Modified:

Uploading is Higher then Downloading ... Might be some Lan card are broadcasting My Ip Address .. Can u Please tell me how can i trace them or please tell me how can i solve this problem



presently we get connected to internet using ADSL Router(DLINK, DSL-500T) provided by our ISP, we get connected that router to our PC using "Bridge Mode" and i have installed two lancards on that pc first is using router setting and second is using our LAN i am giving Internet Access to other PCs using my LAN gateway now the problem is from last week or so our ISP has alarmed us of our usage. Generally our downloading and uploading on any work day is approximately 200 MBs and 30 MBs respectively. But we have now the same downloading whereas the uploading creaped upto 800 MBs. Our ISP is saying the problem is in our network not from their end. Two days back we formatted whole of our network to get ourselves satisfied from any virus attack, but of no use and the problem is still persistant.

we have already used sniff-em but it gave out us no result.. if you like to see the Result of scanning sniff-em you can visit here

https://www.indoswift.com/manoj729.html


Could you please provide us the solution for that and oblige.

Manoj
0
manoj729
Asked:
manoj729
  • 7
  • 7
1 Solution
 
manoj729Author Commented:
Sorry Above mention link is not working it is as follows
http://www.indoswift.com/manoj729.html
0
 
Fatal_ExceptionCommented:
Looking at your screenshot of the capture, it appears that most of the traffic is coming FROM 192.168.0.1, which I would assume is your gateway.  Where did you place the capture software?  You need to place the capturing software close as close to your router as possible.

Also, for 20 minutes of capture, that is not much data.  I would suggest you use Ethereal to get a good idea of the traffic on your network.  It will give you a lot more information...

BTW:  seems to be a lot of ARP requests going out on the wire..  And they are for the same MAC Address/IP resolution, and within the 10 minute ARP cache holddown time.. I would be curious as to why..  
0
 
manoj729Author Commented:
I used Ethereal and below mentioned link can tell you the Exact picture of our network..

http://www.indoswift.com/Page.htm
http://www.indoswift.com/Page1.htm
http://www.indoswift.com/Page2.htm

i had used this software first time and i was only able to trace these results ...

i you like to know more reports .. then please tell me how can i Extract them from my network

Thanks



0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
Fatal_ExceptionCommented:
So what machine has the 04 address?  Hard to get a perfect picture without knowing your entire network..  :)  But it appears that you have more than just a few machines on this network, right?  If so, I wonder why you are using ICS to share the internet connection.  Why not install a router (and switch) and let it do the work for you?  just curious.
0
 
manoj729Author Commented:
Hi ...

This time i had configured my Router on my Switch and give it Ip address 192.168.1.1... and also chaged the IP Range of all of mine Pc's ... now again i run ETHEREAL on my lan and the results are as follows

http://www.indoswift.com/Router.htm

Please tell me how can i protect my LAN

Someone told me that there might be some Possibilities that our 139 port is being hacked and it is causing the entire problem
is this TRUE ? if yes then tell me how can i block this Port on my LAN ...

Thanks









0
 
Fatal_ExceptionCommented:
This depends on the router you are using.  If it is a good router, then you can stop any port from being used.  If Cisco, then use extended IP Access-Lists (that can block any port through the use of a deny statement).  

139 is a very dangerous port to have open.  You might want to run some tests from Shields Up to determing what ports are open on your network, then close them down.

https://grc.com/x/ne.dll?bh0bkyd2
0
 
manoj729Author Commented:
When i get scan through that link ... i got this msg

now tell me what does that means

http://www.grc.com/x/ne.dll?rh1dkyd2
0
 
Fatal_ExceptionCommented:
:)  your message is only for you to see (if it is specific).  When I go to that link, it is asking for me to proceed for a scan of my own connection.  Take a screenshot and then I can tell you...
0
 
manoj729Author Commented:
0
 
Fatal_ExceptionCommented:
Looks like you are in good shape regarding port security here!
0
 
manoj729Author Commented:

If everything is Alright ... then what is the problem???

if i found that some Pc's are sending more packets as usual then what shud i do with that PC

how can i stop this happening in my Network ...

is there any Software which can reduce this particular thing

 
0
 
Fatal_ExceptionCommented:
Just because your port security is in place, this does not mean there is not a problem.  You need to isolate what kind of traffic is going out, and from what machine.  Disconnect that machine from the network to make sure it is that system that is causing the flood, and look at the processes running that are creating the traffic.  you can use Process Explorer from Sysinternals to do this.  Run some spyware tools, and AntiVirus (up to date on both!).  

After that, put it back on the network, place ethereal in front of it, and analyze it again to see if it stopped.

FE
0
 
manoj729Author Commented:
Thanks

i am able to get all the things stable..

Uploading and downloading is Normal now

Thanks


0
 
Fatal_ExceptionCommented:
Great!  and thanks!

FE
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 7
  • 7
Tackle projects and never again get stuck behind a technical roadblock.
Join Now