Solved

A user’s machine is being chatty with IP

Posted on 2014-04-30
3
225 Views
Last Modified: 2014-05-08
A user’s machine is being chatty with IP 199.27.105.111., it looks like this IP is associated with rgbcolo.rgbnetworks.com,  or www.layer42.net  or possibly  amazon cloud player. Any thoughts would be great.
Thanks folks
0
Comment
Question by:kennethjk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 94

Accepted Solution

by:
John Hurst earned 500 total points
ID: 40031941
I suggest you get a copy of Wireshark. Put it on a machine on the same subnet as the problem machine. See if you can see in the packets:

1. Excessive packets.
2. Undesirable traffic in the packets. You should be able to see packet contents. I use CommView for this.

It is a very detailed analysis and not always fruitful.

If the site is not in compliance with your company guidelines, have the employee's manager discuss the issue and ask the employee to stop.
0
 

Author Closing Comment

by:kennethjk
ID: 40049861
Thank you so much
0
 
LVL 94

Expert Comment

by:John Hurst
ID: 40050260
@kennethjk  - You are most welcome and I was happy to help.
0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Using in-flight Wi-Fi when you travel? Business travelers beware! In-flight Wi-Fi networks could rip the door right off your digital privacy portal. That’s no joke either, as it might also provide a convenient entrance for bad threat actors.
Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and inf…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question