Security Basics mailing list archives
Re: Windows XP computer spewing packets
From: chris <chris09 () comcast net>
Date: 1 Aug 2003 17:16:35 -0000
In-Reply-To: <184670-2200385116625244 () M2W075 mail2web com> Back when I was in school few months ago the SAME exact thing happened. First make sure it says packets and not bytes (different versions of windows read differently). Did you use Ethereal packet sniffer to detect what packets were being sent? Could be some sort of broadcast storm due to misconfigured settings etc.. Try the packet sniffer first before you do anything else, its important to know what kind of traffic is leaving the box before you try and fix the problem. Chris http://elusive.filetap.com
Received: (qmail 12376 invoked from network); 1 Aug 2003 16:28:28 -0000 Received: from outgoing2.securityfocus.com (205.206.231.26) by mail.securityfocus.com with SMTP; 1 Aug 2003 16:28:28 -0000 Received: from lists.securityfocus.com (lists.securityfocus.com
[205.206.231.19])
by outgoing2.securityfocus.com (Postfix) with QMQP id 424C48F515; Fri, 1 Aug 2003 10:16:36 -0600 (MDT) Mailing-List: contact security-basics-help () securityfocus com; run by ezmlm Precedence: bulk List-Id: <security-basics.list-id.securityfocus.com> List-Post: <mailto:security-basics () securityfocus com> List-Help: <mailto:security-basics-help () securityfocus com> List-Unsubscribe: <mailto:security-basics-unsubscribe () securityfocus com> List-Subscribe: <mailto:security-basics-subscribe () securityfocus com> Delivered-To: mailing list security-basics () securityfocus com Delivered-To: moderator for security-basics () securityfocus com Received: (qmail 22905 invoked from network); 1 Aug 2003 16:10:10 -0000 Message-ID: <184670-2200385116625244 () M2W075 mail2web com> X-Priority: 3 Reply-To: robe0341 () qwest net X-Originating-IP: 12.205.153.15 X-URL: http://mail2web.com/ From: "robe0341 () qwest net" <robe0341 () qwest net> To: security-basics () securityfocus com Subject: Windows XP computer spewing packets Date: Fri, 1 Aug 2003 12:06:25 -0400 MIME-Version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-OriginalArrivalTime: 01 Aug 2003 16:06:25.0460 (UTC) FILETIME=
[DBC54740:01C35846]
One of the employees here has a Windows laptop, and in the last day, it
ha=
s sent out over 1,000,000,000,000 packets, and received around 30,000=2E
The=
30,000 is a standard load, but the trillion packets seem to be a bit
high=2E=
=20 I've scanned for spyware and viruses and found nothing=2E I tried to
nMap=
Win from the network, and the computer didn't respond, and when he tried to nMapWin his ports, he couldn't find himself, from his own computer=2E Do
=
you have any idea what could be causing this? I'm not to keen on these
packet=
s flying around my network, and if there are security issues, I'm even less keen=2E =20 John roberts -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web=2Ecom/ =2E --------------------------------------------------------------------------
-
--------------------------------------------------------------------------
--
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Windows XP computer spewing packets robe0341 () qwest net (Aug 01)
- Re: Windows XP computer spewing packets Dave (Aug 04)
- Re: Windows XP computer spewing packets Jeff Lumley (Aug 04)
- Re: Windows XP computer spewing packets J. Lambrecht (Aug 05)
- <Possible follow-ups>
- Re: Windows XP computer spewing packets chris (Aug 01)
- RE: Windows XP computer spewing packets Mark McConnell (Aug 01)
- Re: Windows XP computer spewing packets Justin Pryzby (Aug 01)
- RE: Windows XP computer spewing packets Kevin O'Shea (Aug 06)
- RE: Windows XP computer spewing packets John Roberts (Aug 06)
- Re: Windows XP computer spewing packets Dave (Aug 04)