If i remember well this could have something to do with nic's from different
brands on the same switch, apparently on very rare occassions these can get
entangled in some really weird stuff and generate such occurency
- Original Message -
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
esday, August 05, 2003 2:27 PM
To: [EMAIL PROTECTED]
Subject: RE: Windows XP computer spewing packets
Just went trough the same issue here re: packet count - There was no
correlation b/w the numbers of packets caught on ethereal and the local
area connection status counter.
Found a round-about referen
Just went trough the same issue here re: packet count - There was no
correlation b/w the numbers of packets caught on ethereal and the local
area connection status counter.
Found a round-about reference at
http://eu.computers.toshiba-europe.com/cgi-bin/ToshibaCSG/faq.jsp?FID=tr
o001b96
Appare
ED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, August 04, 2003 3:59 AM
Subject: Re: Windows XP computer spewing packets
> Hi,
> Yes 10^12 packets is a bit high. In one day (quickly checking
> calculator) there are only 86400 seconds. Do a quick sum and find that
your
>
Hi,
Yes 10^12 packets is a bit high. In one day (quickly checking
calculator) there are only 86400 seconds. Do a quick sum and find that your
system is supposedly sending out over 11,000,000 packets a second average.
Now there is some hardware that could deal with that - but I do not think
I would suspect a compromzied host; recommend a portscan.
Justin
On Fri, Aug 01, 2003 at 11:55:19PM +, chris wrote:
---
That is an incredible amount of packets. Use a sniffer program and capture some of
the packets. If you are not able to identify the packets in the capture then machine
probably has a bot installed; which is probably the case and it is launching a DoS.
The scan results just add to the fishyness
In-Reply-To: <[EMAIL PROTECTED]>
Back when I was in school few months ago the SAME exact thing happened.
First make sure it says packets and not bytes (different versions of
windows read differently). Did you use Ethereal packet sniffer to detect
what packets were being sent? Could be some sort
