Solved

Internet very very slow, basically not working at all

Posted on 2006-10-31
11
241 Views
Last Modified: 2013-11-30
Hello,

All of a sudden our internet at work became very very slow, pretty much not working.

Called the isp and they could not ping our router.  Disconnected our network from the router, then they could ping it.  They said we must have a machine on the network slowing down the internet.  Removed all machines one at a time till we found the problem, which turned out to be the domain controller.  It's running Win 2003 SBS, Exchange 2003.  Rebooted, did a lavasoft adaware se scan and virus scan, not sure what is causing the problem.

What should I do from here?

Thanks.
0
Comment
Question by:mmacdougall
  • 3
  • 2
  • 2
  • +4
11 Comments
 
LVL 5

Expert Comment

by:Austin Texas
ID: 17847869
I'd be willing to bet dollars to dougnuts that someone is using your server to send spam.

Go to the server and open the Exchange System Manager.  Open the Servers branch.  Under the name of your server, click on Queues and tell me if you don't have a bunch of full queues.  A healthy exchange server should show all the queues at or near zero.

If not, open Protocols and SMTP on that same branch and right click the name of your server there to select properties.  In the Access tab click on the Relay button and make sure that you have "only the list below" selected and the list only contains the server's and loopback IP addresses.

Let me know what you find and I'll try to help further.

Thanks - Tex
0
 
LVL 4

Expert Comment

by:tomerlei
ID: 17848282
Trying to replace the NIC could be a worthy check too.
0
 
LVL 24

Expert Comment

by:masnrock
ID: 17849291
Have you tried doing a traffic analysis or even a security check on the DC? TexorcisT assessment is in all likelihood right on the money. That also points out that you need to review your security policy and implementation for your network.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:mmacdougall
ID: 17849628
Tex - In the Queue there were 250 or so, but most looked like they were from our company and just couldn't send because the internet was so slow.  I even disabled outbound mail as a test for 5 minutes and the internet was still the same speed.

only the lis below was also selected.

Now today I come to work and everything is back to normal.  I tried to check from home lastnight at say 2am and it was still down.

Now I'm very confused.

Mansrock - whats the best free software to do a simple traffic analysis?  What will is show me exactly?
0
 
LVL 5

Accepted Solution

by:
Austin Texas earned 500 total points
ID: 17849914
MacDougall -

There are a variety of network monitoring tools you can try: NMap, Etherreal, etc.  None of them are really simple as they deal with very raw (packet level) network data.  You might want to setup Ethereal (http://www.ethereal.com/) to log your traffic and then if your server goes heywire again you can review the log to see where that traffic was coming/going.

I would also using the Use Microsoft Baseline Security Analyzer (MBSA) immediatly.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/HTBaseAnal.asp

You might want to seriously consider having a MS Certified Partner consultant with a certified Competancy in security come out and perform a security analysis of your server.

Let me know what happens.  I'm very interested.

Thanks - Tex
0
 
LVL 5

Expert Comment

by:Austin Texas
ID: 17850046
oh...and if you decide to hire a consultant, you can use this to help you find one:
http://directory.microsoft.com/mprd/default.aspx

 - Tex
0
 
LVL 7

Expert Comment

by:imacgouf
ID: 17855839
Hi,

There are free tools to help you
http://www.sysinternals.com/NetworkingUtilities.html

Mind if you check your Events Viewer to see if there are any Applications and Systems Errors during the period
Post it here so we can help check.  EventID and Source
0
 
LVL 17

Expert Comment

by:kadadi_v
ID: 17856056
Firstly check any ports or services are blocked by internet security/firewall or virus infected on your network so download & install the cfports from http://www.nirsoft.net and for network monitor use the NTOP OPEN Extra application from
  www.openxtra.co.uk/downloads/ntop-download.php 
Can you completely reset your router to factory defaults and configure again and cehck the dns server settings of your internal & ISP dns server settings . I think any dns server adresses change from ISP so cehck the all details  from ISP .
Also restart the server / workstation services on win2003 server and restart your server machine.


Good Luck
0
 
LVL 4

Expert Comment

by:Smacky311
ID: 17861699
Grab the MAC address of your server using ipconfig.  If your using Windows Server then use the builtin Network Monitor to scan for a "chatty NIC"...in other words if your server is sending out huge amounts of data...if it is then see what IP address(s) its sending to and this will greatly reduce where the problem is coming from (if its sending huge amounts of packets to a local IP then its not likely a virus or a hijacking).  Also, if its a chatty NIC then replace it.

Use a performance monitor to check CPU usage,memory usage, page faults, network bytes/sec, dropped bytes/sec, and hard drive read/write useage to try and find some over-worked hardware.
0
 

Author Comment

by:mmacdougall
ID: 17861800
Everything has been working fine for a couple days now, so im not sure what happened.

if it happens again, where can I find the builtin Network Monitor?
0
 
LVL 17

Expert Comment

by:kadadi_v
ID: 17865198
Goto control panel > Add/Remove programs >Add/remove windows components then in Management & networking tools option clcik on detials and add/install the network monitor and give the your O/s cd .Then you can see the network monitor in your control panel>administrator tools.



Good Luck

0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Map local drive to folder for all rdp users 7 40
Application timeout question 2 36
md5 password 3 61
null0 7 23
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question