Solved

I have a multicast each 5 seconds to 229.111.112.12

Posted on 2013-02-05
6
5,584 Views
Last Modified: 2013-11-22
Hello I have a server 2010 with 4 nics all of them are used  in hyperV and shared with the host machine.

I notice each 5 seconds every nic send a connection to 229.111.112.12 port 3071 that it's refused for the TMG becouse the source IP is simulated.

What is happening?
0
Comment
Question by:limmontreefree
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 78

Assisted Solution

by:arnold
arnold earned 166 total points
ID: 38858998
http://www.petri.co.il/forums/showthread.php?t=37512

You may have an app/service that is broadcasting these events. Run hijackthis and post the results.
0
 
LVL 21

Assisted Solution

by:Rick_O_Shay
Rick_O_Shay earned 167 total points
ID: 38860949
I see in another place that "MegaRaid software may be sending these packets to communicate with a management console, management software, or to broadcast it's existence to other servers" which means this is normal multicasts if you have MegaRaid.
0
 

Author Comment

by:limmontreefree
ID: 38888494
I have already run the hijackthis and here are the results:
hijackthis.log
0
 
LVL 53

Accepted Solution

by:
strung earned 167 total points
ID: 38913794
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

These are on the increase and getting more common these days. Users who use the Google search engine may complain of having their search redirected to unwanted sites, regardless of what browser is used. This happens when the system is infected with…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question