Yeah, I was able to prove that was the source. Thanks for all your help guys.
-----Original Message----- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, June 04, 2009 4:14 PM To: NT System Admin Issues Subject: Re: Finding a neddle in a haystack So, I think my comment stands - you'll need to monitor port 1733, IIRC. That's easy enough to do, as someone else pointed out, with 'netstat -anp tcp | findstr 1733', or by installing wireshark on the machine and building a bpf filter for that source port. I like wireshark because you can just log packets to a file for review later, but if you've got the other party on the telephone, and he/she/it can initiate the query while you're talking, then the netstat command is much less intrusive. Kurt On Thu, Jun 4, 2009 at 16:05, Jim Majorowicz <jmajorow...@gmail.com> wrote: > He was pulling information from some SQL utility. > > > > From: Brian Desmond [mailto:br...@briandesmond.com] > Sent: Thursday, June 04, 2009 1:17 PM > To: NT System Admin Issues > Subject: RE: Finding a neddle in a haystack > > > > So MAC addresses are only locally significant. If you’ve got this machine > offsite then there’s no way that MAC address is showing up on your end > unless the app is carrying it as metadata or something… > > > > Thanks, > > Brian Desmond > > br...@briandesmond.com > > > > c - 312.731.3132 > > > > Active Directory, 4th Ed - http://www.briandesmond.com/ad4/ > > Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian > > > > From: Jim Majorowicz [mailto:jmajorow...@gmail.com] > Sent: Thursday, June 04, 2009 1:37 PM > To: NT System Admin Issues > Subject: Finding a neddle in a haystack > > > > The developer for one of my clients is trying to figure out what is causing > his app to crash on a regular basis. He’s begun to fixate on a system I > can’t positively identify that connects via SQL on a regular basis. I > suspect it’s the hosted web server, but I don’t have to contact information > for the hosting company, and the person with that information is currently > in China with a spotty connection and hasn’t replied to my emails. > > > > I have the name of the host, and the MAC address but not the IP address. Is > there any way to find the IP based on the MAC, so I can say for sure “That’s > the Webhost?” > > > > > > > > > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
