Tech or Treat! Write an article about your scariest tech disaster to win gadgets!Learn more

x
?
Solved

Uncontrolled Generated Internet Traffic

Posted on 2013-01-06
7
Medium Priority
?
286 Views
Last Modified: 2013-02-16
Hi Guys,

We are using a 3rd party internet proxy server at a site for workstations to have controlled internet access.

Over the December period there were extremely high internet usage and traffic through- put on the internet proxy server.

Upon investigation we found thousands of the following URL requests in the log files.
In an attempt to stop the persistant lookup we asked the users to use Firefox instead of IE (not sure if this will stop the occurance)

http://www.google.co.za/webhp HTTP/1.1

Does anyone perhaps know what this URL on Google refers to, and why it would popup thousands of times in the logs?
0
Comment
Question by:Rupert Eghardt
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 38749926
Looks like it might be related to the Google Toolbar or another Google service.  http://answers.yahoo.com/question/index?qid=20080304152357AA4DT3U
0
 

Author Comment

by:Rupert Eghardt
ID: 38749946
Thanks Dave,

I agree.  It is quite a tricky one, as we are unable to block all Google traffic in the proxy config.  

I wonder how one could prevent these site-visits from pushing up the internet usage?
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 38749986
Are you in South Africa?  Maybe you can get rid of all the Google Toolbars.  They aren't actually needed for anything but feeding Google's marketing machine.
0
Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

 

Author Comment

by:Rupert Eghardt
ID: 38816056
We are still experiencing high traffic in IE when inserting the internet proxy settings.
The logs report continuous recurring entries:  http://www.google.co.za/webhp HTTP/1.1

When we remove the settings and use Firefox instead, the activity stops and the usage drops to normal.

In IE I am unable to identify any obvious cause, no toolbars, no "add-on's"

I have even tried uninstalling IE and reinstalling.  The traffic re-occurs as soon as IE has the proxy settings configured.  I guess it must be a 3rd party application using the IE settings?
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 38816195
Looks like it is a 'redirect' virus or trojan.  It is capable of infecting Firefox too.  http://www.bleepingcomputer.com/forums/topic309331.html
0
 

Accepted Solution

by:
Rupert Eghardt earned 0 total points
ID: 38875809
No solution found, using Firefox instead for the time being
0
 

Author Closing Comment

by:Rupert Eghardt
ID: 38896125
No solution found, using Firefox instead for the time being
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

647 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question