Network Issue
-
Hi All,
I having one doubt in network.There is a only one system sending null packets from hundreds of systems.How to identity the single system in a network?How to find the system which is affected by the virus in the system?Can anyone know to identify the issue in a easy manner. -
managed switches?
-
Look at the packets and see where they are coming from. If you can't tell from a WireShark or tcpdump capture, use your switch's interface to tell you what ports are getting the ingress traffic.
-
Managed Switches as well as Unmanagable Switches also
-
basically you need to find the "source" of all of the traffic. you can do so by checking your managed switch or like scott said, use wireshark.
-
Sounds like a broadcast storm, I've seen it caused by both viruses and bad NIC drivers.
-
You'll need to use wireshark then.. I'd check that computer you were having networking issues with a few days ago as my first suspect.
-
Could also be a failing NIC, not just its driver. Long ago, failing NICs were the primary cause of this. Less likely to be a virus as there is little benefit to someone to make malware to just mess up your network a little.
-
@scottalanmiller What are the basic troubleshooting to be caried out for the issue to be resolved.How to identify the system without the Wireshark tools.Any other idea without the tools
-
@Lakshmana said:
@scottalanmiller What are the basic troubleshooting to be caried out for the issue to be resolved.How to identify the system without the Wireshark tools.Any other idea without the tools
The long way? Unplug ports from switches one by one to see which one is causing the issue. This is tedious and highly disruptive.
-
@coliver The production should not be disturbed for the client this is the situation
-
@coliver said:
The long way? Unplug ports from switches one by one to see which one is causing the issue. This is tedious and highly disruptive.
If you lack managed switches, this is the way to go. Short of standing in front of the switches and starring at them hoping to visually identify the traffic from the blinking lights.
-
@scottalanmiller Ok Thank you Sir
-
@Lakshmana said:
@coliver The production should not be disturbed for the client this is the situation
Without being able to use networking tools or look into the managed switch logs you probably won't be able to do this in a way that won't disrupt the production environment.
-
@coliver How to see the managed switch logs.Sorry,I am new to network related issue.Dont get angry guys.
-
@Lakshmana said:
@coliver How to see the managed switch logs.Sorry,I am new to network related issue.Dont get angry guys.
Depends on the switch. Start by logging into it.
-
@Lakshmana said:
@coliver How to see the managed switch logs.Sorry,I am new to network related issue.Dont get angry guys.
What brand and model are your switches?
-
@IRJ Digisol I didnot having model number but it was 48 port switch.The model is?
-
@scottalanmiller Sir can you please give any link to learn about the wireshark to get the null packets details in large network.Since I don't know about the software which is new to work to me.
-
