Solved

Locating "bad" workstation

Posted on 2006-06-25
12
392 Views
Last Modified: 2012-05-05
Small office: One W2K3 + 15PCs

The network is slowing down recently. I need to find which station or stations responsible for.

How to  find them without the need to shut down every PC.

Thank You
0
Comment
Question by:zolpo
  • 2
  • 2
  • 2
  • +5
12 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 16979040
your information is too vage to get an idea what's happening or what your problem is
Anyway, I guess you have a domain and all (but at least one) of your 15 PCs is configured to be a potentital master browser.
If that's the case, then there is no other possibility than shutdown the one which claimed to be master.
Configure each and every PC to be neither potential master brower nor backup master browser, then check if problem still there.
0
 
LVL 1

Author Comment

by:zolpo
ID: 16979955
Sorry for not being clear.


It is wan bandwidth issue.

I suspect that there is a virus that is stealing our internet bandwidth.

I will check the browsing. it will take me a day or two.
0
 
LVL 2

Expert Comment

by:abarneslouortho
ID: 16980441
what type of switch are you using? depending on the model, you can see if it has a gui that will tell you what ports are using the most bandwith.  that can help
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 23

Expert Comment

by:Erik Bjers
ID: 16980956
Since you only have 15 computers, unplug them one at a time untill the problem goes away, the last one you unpluged is the problem.

Also run complete virus scan on all computers incase something is spreading.

eb
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 16980966
Cisco routers have "ip accounting" that can give you some useful stats, you can also employ tools like Cacti, and Ntop to measure the bandwidth consumed by various pc's or devices.
-rich
0
 
LVL 1

Author Comment

by:zolpo
ID: 16981559
1. We have basic switch. No advanced capabilities.
2. For couple of reasons I can not use the unplugging method now.

I thought to put another PC and configure it as a gatway, so all pcs will go trough it to the internet. The problem is that I do not now how to do that and what tools to use. (I have no knowledge with Linux so please Windows only)

This way that pc will play as an advanced switch.

Maybe my Q should be: How to build a top notch gatway/switch/router from PC.

Please help.
0
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 25 total points
ID: 16983570
There is a windows version of Ntop, and Cacti. If the switch can't do a port mirror, or port spanning, then Ntop won't help unless you install it on each machine. Windows connection sharing is easy to use, however windows can't brake down the bandwidth usage for each pc. Most routers, nowadays, can do some sort of accounting to tell you the number of bytes passed by each machine going through it. http://www.openxtra.co.uk/products/ntop-xtra.php
-rich
0
 
LVL 13

Accepted Solution

by:
prashsax earned 400 total points
ID: 16986751
You can put a HUB between your internet router and the switch.

Then connect a machine on this hub.(This machine will listen to all traffic).

Capture the traffic and see who is eating up the bandwidth.

Use ethereal for capturing the data.
0
 
LVL 10

Assisted Solution

by:stafi
stafi earned 25 total points
ID: 16987486
use this tool:

http://www.omnipeek.com/

0
 
LVL 1

Assisted Solution

by:Zabulon777
Zabulon777 earned 25 total points
ID: 16987764
Try out some different tools.. mostly open source!  There are a lot of ways to detect the machine that is spamming... The hard part is finding one that you like!  GOOD LUCK!

http://www.slac.stanford.edu/xorg/nmtf/nmtf-tools.html
0
 
LVL 2

Assisted Solution

by:abarneslouortho
abarneslouortho earned 25 total points
ID: 16988533
if you really want to go the route of using a computer as a gateway.... its quite simple...

build a box with 2 nic's.

one nic has a cable from your computer to the switch.

the other nic has a cable from your computer to your internet connection.

not all that hard, just creates a bottleneck in the network, but considering your current situation, you may not notice a difference!! :D

once you have that set up you can monitor network usage with one of those tools linked above.

(just another hard manual way of going about things that wouldnt require building anything, you can go to each individual machine, ctrl+alt+del, then under the networking tab, see if any of them are using a lot of their connection.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As technology users and professionals, we’re always learning. Our universal interest in advancing our knowledge of the trade is unmatched by most industries. It’s a curiosity that makes sense, given the climate of change. Within that, there lies a…
Each year, investment in cloud platforms grows more than 20% (https://www.immun.io/hubfs/Immunio_2016/Content/Marketing/Cloud-Security-Report-2016.pdf?submissionGuid=a8d80a00-6fee-4b85-81db-a4e28f681762) as an increasing number of companies begin to…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question