Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 248
  • Last Modified:

Internet very very slow, basically not working at all

Hello,

All of a sudden our internet at work became very very slow, pretty much not working.

Called the isp and they could not ping our router.  Disconnected our network from the router, then they could ping it.  They said we must have a machine on the network slowing down the internet.  Removed all machines one at a time till we found the problem, which turned out to be the domain controller.  It's running Win 2003 SBS, Exchange 2003.  Rebooted, did a lavasoft adaware se scan and virus scan, not sure what is causing the problem.

What should I do from here?

Thanks.
0
mmacdougall
Asked:
mmacdougall
  • 3
  • 2
  • 2
  • +4
1 Solution
 
Austin TexasSystems EngineerCommented:
I'd be willing to bet dollars to dougnuts that someone is using your server to send spam.

Go to the server and open the Exchange System Manager.  Open the Servers branch.  Under the name of your server, click on Queues and tell me if you don't have a bunch of full queues.  A healthy exchange server should show all the queues at or near zero.

If not, open Protocols and SMTP on that same branch and right click the name of your server there to select properties.  In the Access tab click on the Relay button and make sure that you have "only the list below" selected and the list only contains the server's and loopback IP addresses.

Let me know what you find and I'll try to help further.

Thanks - Tex
0
 
tomerleiCommented:
Trying to replace the NIC could be a worthy check too.
0
 
masnrockCommented:
Have you tried doing a traffic analysis or even a security check on the DC? TexorcisT assessment is in all likelihood right on the money. That also points out that you need to review your security policy and implementation for your network.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
mmacdougallAuthor Commented:
Tex - In the Queue there were 250 or so, but most looked like they were from our company and just couldn't send because the internet was so slow.  I even disabled outbound mail as a test for 5 minutes and the internet was still the same speed.

only the lis below was also selected.

Now today I come to work and everything is back to normal.  I tried to check from home lastnight at say 2am and it was still down.

Now I'm very confused.

Mansrock - whats the best free software to do a simple traffic analysis?  What will is show me exactly?
0
 
Austin TexasSystems EngineerCommented:
MacDougall -

There are a variety of network monitoring tools you can try: NMap, Etherreal, etc.  None of them are really simple as they deal with very raw (packet level) network data.  You might want to setup Ethereal (http://www.ethereal.com/) to log your traffic and then if your server goes heywire again you can review the log to see where that traffic was coming/going.

I would also using the Use Microsoft Baseline Security Analyzer (MBSA) immediatly.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/HTBaseAnal.asp

You might want to seriously consider having a MS Certified Partner consultant with a certified Competancy in security come out and perform a security analysis of your server.

Let me know what happens.  I'm very interested.

Thanks - Tex
0
 
Austin TexasSystems EngineerCommented:
oh...and if you decide to hire a consultant, you can use this to help you find one:
http://directory.microsoft.com/mprd/default.aspx

 - Tex
0
 
imacgoufCommented:
Hi,

There are free tools to help you
http://www.sysinternals.com/NetworkingUtilities.html

Mind if you check your Events Viewer to see if there are any Applications and Systems Errors during the period
Post it here so we can help check.  EventID and Source
0
 
kadadi_vCommented:
Firstly check any ports or services are blocked by internet security/firewall or virus infected on your network so download & install the cfports from http://www.nirsoft.net and for network monitor use the NTOP OPEN Extra application from
  www.openxtra.co.uk/downloads/ntop-download.php 
Can you completely reset your router to factory defaults and configure again and cehck the dns server settings of your internal & ISP dns server settings . I think any dns server adresses change from ISP so cehck the all details  from ISP .
Also restart the server / workstation services on win2003 server and restart your server machine.


Good Luck
0
 
Smacky311Commented:
Grab the MAC address of your server using ipconfig.  If your using Windows Server then use the builtin Network Monitor to scan for a "chatty NIC"...in other words if your server is sending out huge amounts of data...if it is then see what IP address(s) its sending to and this will greatly reduce where the problem is coming from (if its sending huge amounts of packets to a local IP then its not likely a virus or a hijacking).  Also, if its a chatty NIC then replace it.

Use a performance monitor to check CPU usage,memory usage, page faults, network bytes/sec, dropped bytes/sec, and hard drive read/write useage to try and find some over-worked hardware.
0
 
mmacdougallAuthor Commented:
Everything has been working fine for a couple days now, so im not sure what happened.

if it happens again, where can I find the builtin Network Monitor?
0
 
kadadi_vCommented:
Goto control panel > Add/Remove programs >Add/remove windows components then in Management & networking tools option clcik on detials and add/install the network monitor and give the your O/s cd .Then you can see the network monitor in your control panel>administrator tools.



Good Luck

0

Featured Post

Transaction-level recovery for Oracle database

Veeam Explore for Oracle delivers low RTOs and RPOs with agentless transaction log backup and transaction-level recovery of Oracle databases. You can restore the database to a precise point in time, even to a specific transaction.

  • 3
  • 2
  • 2
  • +4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now