LAN Connection Status

Posted on 2011-10-03
Last Modified: 2012-05-12

Hello there,

I had assigned a static IP to my LAN, but now I see it has changed to dynamic, which is weird since I did not change it. When I go to the properties of the LAN connection and select the Support tab, it shows the IP and DG that I had assigned as static. And in the General tab, the Received activity is just counting, I mean downloading, but I don't know what.
Please help. This server is behind a SonicWall TW210 appliance. I figured this out by chance when I was trying to Remote Desktop to this machine from my LAN machine and I could not connect to this machine from my LAN machine.

Question by:zolf

    Assisted Solution

    It seems that someone is tampering with your server. If you set up your server with a static IP (1 static IP) address, there is no way (not known to me at least) that can change that, except fake IPs (169.XXX.XXX.XXX), which don't stay forever.
    Remove all your IP settings and set them up again. Check also who might be reconfiguring the computer...
    Hope that helps.

    Assisted Solution

    I would suggest running some spyware etc. software just to be on the safe side.

    Author Comment


    No one knows the password of the server except me. I have again assigned the IPs and changed the password.
    What spyware do I run on Windows Server 2003?

    Accepted Solution

    Hi is the IP address which you have assigned for the server.

    You are trying to connect to it from which is on a different network. Is there any routing taking place? If there is no routing then it is not supposed to work.

    Correct me if I haven't understood your scenario. Activity will be there, as there will be different activities on the cable; it's never meant to be idle.

    When you go to the properties, does it say the IP is assigned dynamically? Go to the command prompt, type ipconfig /all and find the address of the DHCP server which is assigning the IP (if you suspect you are getting it dynamically). Now see if you can identify the DHCP server.

    Please update here


    Expert Comment

    @zolf Malwarebytes should be fine.

    Author Comment


    >>You are trying to connect to it from which is on a different network. Is there any routing taking place. If there is no routing then it is not supposed to work

    This server is in a DMZ, configured in the SonicWall to allow the two subnets to communicate with each other.

    >>When you go to the properties, does it say the IP is assigned dynamically?
    When I set up the server, I assigned it a static IP, but for some reason it was switched to dynamic, and I learnt about this by chance when I could not connect anymore from my 192.168.0 subnet to this machine.

    About the received activity, it is receiving data in 10,000 bytes, so it means a lot of activity is going on.


    Author Comment


    This netstat is after running the malware app. There is a foreign IP in it. What is that?


    Expert Comment

    Here it shows the IP address is configured statically:

    Ethernet adapter Local Area Connection 2:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : VIA VT6105 Rhine III Compatible Fast Ethernet Adapter #2
       Physical Address. . . . . . . . . : 00-22-B0-E2-C1-02
       DHCP Enabled. . . . . . . . . . . : No
       IP Address. . . . . . . . . . . . :
       Subnet Mask . . . . . . . . . . . :
       Default Gateway . . . . . . . . . :
       DNS Servers . . . . . . . . . . . :

    The IP geolookup gave the following information:

    IP country code: DE
    IP address country: Germany
    IP address state: n/a
    IP address city: n/a
    IP address latitude: 51.0000
    IP address longitude: 9.0000
    ISP of this IP: Tinet SpA

    Does this help you to identify anything?

    Expert Comment

    I would ask you to do the following.

    Try configuring the IP address statically again. Please note the time.

    Take a screenshot of ipconfig /all.

    Check occasionally to see when the IP address has changed again to dynamic.

    Take a screenshot of ipconfig /all.

    Now please go to Event Viewer and check for any suspicious event between the above noted time and now. Please update here.
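
The snapshot comparison suggested in the last comment can be done on saved `ipconfig /all` text instead of screenshots. The following is an added example, not part of the original thread: it parses two saved outputs and reports any adapter whose "DHCP Enabled" value changed. The function names and the sample snapshots (including the documentation-range addresses) are constructed for illustration.

```python
import re

# Constructed snapshots in the layout printed by `ipconfig /all`.
# The 192.0.2.x addresses are placeholders, not values from the thread.
SNAPSHOT_BEFORE = """\
Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : VIA VT6105 Rhine III Compatible Fast Ethernet Adapter #2
   Physical Address. . . . . . . . . : 00-22-B0-E2-C1-02
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.0.2.10
"""
SNAPSHOT_AFTER = """\
Ethernet adapter Local Area Connection 2:

   Physical Address. . . . . . . . . : 00-22-B0-E2-C1-02
   DHCP Enabled. . . . . . . . . . . : Yes
   IP Address. . . . . . . . . . . . : 192.0.2.57
   DHCP Server . . . . . . . . . . . : 192.0.2.1
"""

# "   Label . . . . : value" -> ("Label", "value"); the dot leader is dropped.
FIELD = re.compile(r"^\s+(.+?)[ .]*:\s*(.*)$")

def parse_ipconfig(text):
    """Return {adapter name: {field: value}} from `ipconfig /all` text."""
    adapters, current = {}, None
    for line in text.splitlines():
        # Adapter headers start in column 0 and end with a colon.
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            current = adapters.setdefault(line.rstrip()[:-1], {})
            continue
        m = FIELD.match(line)
        if m and current is not None:
            current[m.group(1).strip()] = m.group(2).strip()
    return adapters

def dhcp_changes(before, after):
    """List adapters whose 'DHCP Enabled' value differs between snapshots."""
    old, new = parse_ipconfig(before), parse_ipconfig(after)
    findings = []
    for name in sorted(old.keys() & new.keys()):
        was, now = old[name].get("DHCP Enabled"), new[name].get("DHCP Enabled")
        if was != now:
            findings.append({"adapter": name, "was": was, "now": now,
                             "dhcp_server": new[name].get("DHCP Server")})
    return findings

if __name__ == "__main__":
    for finding in dhcp_changes(SNAPSHOT_BEFORE, SNAPSHOT_AFTER):
        print(finding)
```

Saving a timestamped snapshot at each check narrows the window in which the setting changed, which is the interval to search in Event Viewer.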
