Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1533
  • Last Modified:

Can I limit Windows Bandwidth?

Hi everyone and thanks in advance for your help.

I recently had a Virtual Machine on one of my servers in a Data Center compromised because an intern disabled the firewall while doing some testing that one of our Engineers for some stupid reason decided an intern should be allowed access to a live production server.

Anyways, the server was compromised and was uploading at over 300MB/s... yeh MB/s not mb/s. So anyways the data center called me and asked me what was up... So I found the VM causing the issue, powered it down, and labeled it as infected.

One of the engineers wanted to investigate it even though he had no idea what he was doing. So I said it was ok, but he would have to view it using the VMWare server console because I was going to disable the Virtual NIC. I guess he didn't like the lag in the console so he re-enabled the NIC and figured re-enabling the firewall would fix it.

However it didn't and instead of staying under our allocated bandwidth of 20MB/s it once again spiked up to 300+ for almost a week.. We were just charged $2800 in overages... On top of our monthly bill of $600. I was luckily able to get it down to $800 through a little bit of begging and pleading.

I'm going to be implementing a switch in there eventually that I can set a certain bandwidth metric on it and configure it for bursting, but for the time being I'm curious if there is a free/open source program or way of doing this on Windows.

I just want to be able to configure the program to not allow any more than 20MB/s out of the NIC.And another thing that would be nice is that if it sustains a certain bandwidth usage for a certain amount of time it would send a notification.

Technically if there's a program that at least does the 2nd part that would work..

I've found several paid programs  that would do this but no free... I don't know of a way to do this with the wimpy windows routing commands.

Hopefully I gave enough info on this for you to understand what I want.

Thanks a lot!!
0
keith_opswat
Asked:
keith_opswat
3 Solutions
 
gardaraCommented:
I do not know of any free software that can limit bandwith in windows. But the free version of NetBalancer can run 5 process priorities/limits. Maby that's enough for you?
http://seriousbit.com/netbalancer/

What I would do tho is to set up monitoring on your servers.

I use nagios to monitor the bandwith of all my servers, it sends me notifications with warnings and is highly customizable.
However the nagios server runs only on linux, but you can monitor windows machines.. I noticed that you said that you run virtual machines... Running a virtual machine with linux/nagios might be smart to monitor bandwidth and other things on your virtual machines.

Cacti is quite good too and can monitor machines and send out email warnings, it runs on both windows and linux: http://www.cacti.net/

Good luck.
0
 
roticanaitelurCommented:
Hi, I'm not sure what VM version are you using. I guess you can take a look at the traffic shaping. Hmm ... simply assigned this server into a dedicated port in the vswitch and introduce traffic shaping. Hope this helps.

Thanks.
0
 
pwindellCommented:
The answer is called Users Beatings,...and at the extreme,...Public User Beatings.

There is no technical solution for human stupidity.   You told the guy what not to do and he did it anyway,..it is that simple.

To stop the big internet bill set the firewall to totally deny anything coming from that machines IP#.  Then it can communicate to the LAN,... but not leave the LAN.  Fix the VM.  The remove the restriction on the firewall.   Pretty straight forward.
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
pwindellCommented:
Or just remove the Default Gateway on the VM's nic before you enable the communication,..then it can communicate but not leave it's local subnet.
0
 
keith_opswatAuthor Commented:
I agree with you pwindell about the user beatings... Anyways I use Pandora FMS but am thinking about switching to Nagios. So I know that's an option I was just hoping someone knew a quick fix type way but I see that there really isn't except for having a switch or router in place that sets the bandwidth on the line.

I'll be dividing the points up among some of the answers. Thanks a lot for your input guys.
0
 
pwindellCommented:
I see that there really isn't except for having a switch or router in place that sets the bandwidth on the line.

Actually I gave two ways,...very simple ones,...and has nothing to do with bandwidth.   Bandwidth has nothing to do with the solution,...stop looking at bandwidth.

Once you fix the infection of the machine the problem will no longer exist.
0
 
aleghartCommented:
>Once you fix the infection of the machine the problem will no longer exist.

Throttling is a band-aid to stem the flow until the source can be found/fixed.  From a remote admin standpoint, it would be prudent to have such a tool.  Sometimes leaving the connection up, but limited, can assist in analysis.
0
 
pwindellCommented:
Yes, having some kind of throttling ability in a generic sense could be useful.  But you don't need it for this case.  You stem the flow at the firewall by denying the machine internet access or by eliminating its ability to route by removing the default gateway.  Repair the infection on the machine.  Then reverse the previous measures.  In two hours or less you could have the machine fixed and that would be the end of it.
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now