Solved

Internet very very slow, basically not working at all

Posted on 2006-10-31
11
245 Views
Last Modified: 2013-11-30
Hello,

All of a sudden our internet at work became very very slow, pretty much not working.

Called the isp and they could not ping our router.  Disconnected our network from the router, then they could ping it.  They said we must have a machine on the network slowing down the internet.  Removed all machines one at a time till we found the problem, which turned out to be the domain controller.  It's running Win 2003 SBS, Exchange 2003.  Rebooted, did a lavasoft adaware se scan and virus scan, not sure what is causing the problem.

What should I do from here?

Thanks.
0
Comment
Question by:mmacdougall
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +4
11 Comments
 
LVL 6

Expert Comment

by:Austin Texas
ID: 17847869
I'd be willing to bet dollars to dougnuts that someone is using your server to send spam.

Go to the server and open the Exchange System Manager.  Open the Servers branch.  Under the name of your server, click on Queues and tell me if you don't have a bunch of full queues.  A healthy exchange server should show all the queues at or near zero.

If not, open Protocols and SMTP on that same branch and right click the name of your server there to select properties.  In the Access tab click on the Relay button and make sure that you have "only the list below" selected and the list only contains the server's and loopback IP addresses.

Let me know what you find and I'll try to help further.

Thanks - Tex
0
 
LVL 4

Expert Comment

by:tomerlei
ID: 17848282
Trying to replace the NIC could be a worthy check too.
0
 
LVL 29

Expert Comment

by:masnrock
ID: 17849291
Have you tried doing a traffic analysis or even a security check on the DC? TexorcisT assessment is in all likelihood right on the money. That also points out that you need to review your security policy and implementation for your network.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:mmacdougall
ID: 17849628
Tex - In the Queue there were 250 or so, but most looked like they were from our company and just couldn't send because the internet was so slow.  I even disabled outbound mail as a test for 5 minutes and the internet was still the same speed.

only the lis below was also selected.

Now today I come to work and everything is back to normal.  I tried to check from home lastnight at say 2am and it was still down.

Now I'm very confused.

Mansrock - whats the best free software to do a simple traffic analysis?  What will is show me exactly?
0
 
LVL 6

Accepted Solution

by:
Austin Texas earned 500 total points
ID: 17849914
MacDougall -

There are a variety of network monitoring tools you can try: NMap, Etherreal, etc.  None of them are really simple as they deal with very raw (packet level) network data.  You might want to setup Ethereal (http://www.ethereal.com/) to log your traffic and then if your server goes heywire again you can review the log to see where that traffic was coming/going.

I would also using the Use Microsoft Baseline Security Analyzer (MBSA) immediatly.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/HTBaseAnal.asp

You might want to seriously consider having a MS Certified Partner consultant with a certified Competancy in security come out and perform a security analysis of your server.

Let me know what happens.  I'm very interested.

Thanks - Tex
0
 
LVL 6

Expert Comment

by:Austin Texas
ID: 17850046
oh...and if you decide to hire a consultant, you can use this to help you find one:
http://directory.microsoft.com/mprd/default.aspx

 - Tex
0
 
LVL 7

Expert Comment

by:imacgouf
ID: 17855839
Hi,

There are free tools to help you
http://www.sysinternals.com/NetworkingUtilities.html

Mind if you check your Events Viewer to see if there are any Applications and Systems Errors during the period
Post it here so we can help check.  EventID and Source
0
 
LVL 17

Expert Comment

by:kadadi_v
ID: 17856056
Firstly check any ports or services are blocked by internet security/firewall or virus infected on your network so download & install the cfports from http://www.nirsoft.net and for network monitor use the NTOP OPEN Extra application from
  www.openxtra.co.uk/downloads/ntop-download.php 
Can you completely reset your router to factory defaults and configure again and cehck the dns server settings of your internal & ISP dns server settings . I think any dns server adresses change from ISP so cehck the all details  from ISP .
Also restart the server / workstation services on win2003 server and restart your server machine.


Good Luck
0
 
LVL 4

Expert Comment

by:Smacky311
ID: 17861699
Grab the MAC address of your server using ipconfig.  If your using Windows Server then use the builtin Network Monitor to scan for a "chatty NIC"...in other words if your server is sending out huge amounts of data...if it is then see what IP address(s) its sending to and this will greatly reduce where the problem is coming from (if its sending huge amounts of packets to a local IP then its not likely a virus or a hijacking).  Also, if its a chatty NIC then replace it.

Use a performance monitor to check CPU usage,memory usage, page faults, network bytes/sec, dropped bytes/sec, and hard drive read/write useage to try and find some over-worked hardware.
0
 

Author Comment

by:mmacdougall
ID: 17861800
Everything has been working fine for a couple days now, so im not sure what happened.

if it happens again, where can I find the builtin Network Monitor?
0
 
LVL 17

Expert Comment

by:kadadi_v
ID: 17865198
Goto control panel > Add/Remove programs >Add/remove windows components then in Management & networking tools option clcik on detials and add/install the network monitor and give the your O/s cd .Then you can see the network monitor in your control panel>administrator tools.



Good Luck

0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question