The global cyberattack that corrupted hundreds of thousands of computer systems on May 12th had a face, name, & price tag that we’ve seen all too often in recent years: Ransomware. With the stakes – and costs – of a ransomware attack higher than ever, is your business prepared ?
Course Of The Month
6 days, 6 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Uncontrolled Generated Internet Traffic
Posted on 2013-01-06
Hi Guys,
We are using a 3rd party internet proxy server at a site for workstations to have controlled internet access.
Over the December period there were extremely high internet usage and traffic through- put on the internet proxy server.
Upon investigation we found thousands of the following URL requests in the log files.
In an attempt to stop the persistant lookup we asked the users to use Firefox instead of IE (not sure if this will stop the occurance)
http://www.google.co.za/webhp HTTP/1.1
Does anyone perhaps know what this URL on Google refers to, and why it would popup thousands of times in the logs?
We are using a 3rd party internet proxy server at a site for workstations to have controlled internet access.
Over the December period there were extremely high internet usage and traffic through- put on the internet proxy server.
Upon investigation we found thousands of the following URL requests in the log files.
In an attempt to stop the persistant lookup we asked the users to use Firefox instead of IE (not sure if this will stop the occurance)
http://www.google.co.za/webhp HTTP/1.1
Does anyone perhaps know what this URL on Google refers to, and why it would popup thousands of times in the logs?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
4
3
7 Comments
Active today
Looks like it might be related to the Google Toolbar or another Google service. http://answers.yahoo.com/question/index?qid=20080304152357AA4DT3U
Active today
Thanks Dave,
I agree. It is quite a tricky one, as we are unable to block all Google traffic in the proxy config.
I wonder how one could prevent these site-visits from pushing up the internet usage?
I agree. It is quite a tricky one, as we are unable to block all Google traffic in the proxy config.
I wonder how one could prevent these site-visits from pushing up the internet usage?
Active today
Are you in South Africa? Maybe you can get rid of all the Google Toolbars. They aren't actually needed for anything but feeding Google's marketing machine.
Active today
We are still experiencing high traffic in IE when inserting the internet proxy settings.
The logs report continuous recurring entries: http://www.google.co.za/webhp HTTP/1.1
When we remove the settings and use Firefox instead, the activity stops and the usage drops to normal.
In IE I am unable to identify any obvious cause, no toolbars, no "add-on's"
I have even tried uninstalling IE and reinstalling. The traffic re-occurs as soon as IE has the proxy settings configured. I guess it must be a 3rd party application using the IE settings?
The logs report continuous recurring entries: http://www.google.co.za/webhp HTTP/1.1
When we remove the settings and use Firefox instead, the activity stops and the usage drops to normal.
In IE I am unable to identify any obvious cause, no toolbars, no "add-on's"
I have even tried uninstalling IE and reinstalling. The traffic re-occurs as soon as IE has the proxy settings configured. I guess it must be a 3rd party application using the IE settings?
Active today
Looks like it is a 'redirect' virus or trojan. It is capable of infecting Firefox too. http://www.bleepingcomputer.com/forums/topic309331.html
Featured Post
What are the business impacts of how well businesses communicate during an IT incident? Targeting, speed, and transparency all matter. Find out more in this infographic.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Suggested Solutions
| Title | # Comments | Views | Activity |
|---|---|---|---|
| SharePoint and CAML query help | 4 | 26 | |
| Dropdown animation to normal dropdown | 6 | 28 | |
| Cisco L3 Switch - Show DHCP Server's IP Address for every VLAN | 3 | 14 | |
| MSCS Cluster ignoring route add | 1 | 8 |
#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Get a first impression of how PRTG looks and learn how it works. This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
- Linux
- Windows OS
- Networking
- Paessler
- Network Management
- Network Analysis, Network Operations
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg).
If you're looking for how to monitor bandwidth using netflow or packet s…
Suggested Courses
Course of the Month6 days, 6 hours left to enroll
734 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.