Re: Web Traffic by Hour

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

---

• From: hijack <hijack@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Date: Fri, 19 Sep 2008 00:40:01 -0700

---

Thanks for your valuable advice. I did consider using one of these tools But
I am not an expert in using these. I will have to take time off to learn how
to use them.

Thanks again
Jack


"Jim Behning SBS MVP" wrote:

If you have a network hub you can attach the problem workstation a
good workstation and the network connection to the hub. Install
Wireshark and watch what is happening.

Or install Wireshark on the infected machine to see if there is any
unexpected traffic. Best bet it to format the workstation. I am often
stubborn and try to clena up workstations but in reality it is usually
more time/cost effective to format and start from scratch.

Wireshark is a network monitoring utility. You can watch all traffic
from your workstation. With network switches I don't think you can
watch the whole network. That is part of the nature of a switch which
is more efficient than a hub. Hub can let you watch everything
depending on where it is installed. More exeprienced network folks may
have other network monitoring ideas.

If your server is a two nic server you can run Wireshark on the nics
as all internet traffic has to go through it. You can see weird stuff.
You can run filters to help deal with gazillions of packets.

I was playing with Microsoft's new Netmon today. It may do some things
similar to Wireshark.

http://www.wireshark.org/
and Netmon
http://www.microsoft.com/downloads/details.aspx?FamilyID=f4db40af-1e08-4a21-a26b-ec2f4dc4190d&DisplayLang=en

On Thu, 18 Sep 2008 08:46:01 -0700, hijack
<hijack@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

Thanks for your comments. A client pc was infected with a trojan. This has
been cleaned ( I hope). I still find high internal mail activity for this
client pc in the report.
Is there a quick way to monitor the email sending/receiving ports to
establish illicit email ?
--
Thanks for the help
Jack


"Jim Behning SBS MVP" wrote:

In ISA 2004 you can limit the number of connections per client. I
think the default is 160. You can be doing IM, while listening to your
liberal radio, while surfing your conservative web pages, while
reading Gmail, ....

Maybe you have some infected workstations? Maybe not. I look at my
network switch during busy times. If I see activity lights freaking
out on workstation ports I will check them for issues. Usually good
antivirus keeps them clean but not always.

On Thu, 18 Sep 2008 07:55:01 -0700, hijack
<hijack@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

I thought that by default the internet can have only two connection. This is
apparent when downloading - only two downloads are possible at a time
(However this can be increased).
What is the importance of the web traffiic report. What is this report
telling me?
--
Thanks for the help
Jack


"Lanwench [MVP - Exchange]" wrote:

hijack <hijack@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

On my SBS2003 std in the usage report (Web Traffic Report by Hour)
indicates 12 100 connections between 1 and 2 Pm. How is this possible
if there are only 15 clients on the network. What has gone wrong?

Connections don't mean user. One user (one computer, really) could have a
gazillion.

See what SBS support is working on
http://blogs.technet.com/sbs/default.aspx
Check your SBS with the SBS Best Practices Analyzer
http://blogs.technet.com/sbs/archive/tags/BPA/default.aspx

See what SBS support is working on
http://blogs.technet.com/sbs/default.aspx
Check your SBS with the SBS Best Practices Analyzer
http://blogs.technet.com/sbs/archive/tags/BPA/default.aspx

.

---

• References:
  • Web Traffic by Hour
    • From: hijack
  • Re: Web Traffic by Hour
    • From: Lanwench [MVP - Exchange]
  • Re: Web Traffic by Hour
    • From: hijack
  • Re: Web Traffic by Hour
    • From: Jim Behning SBS MVP
  • Re: Web Traffic by Hour
    • From: hijack
  • Re: Web Traffic by Hour
    • From: Jim Behning SBS MVP

• Prev by Date: vpn authentication issue
• Next by Date: Re: How to force PW policies to non domain clients
• Previous by thread: Re: Web Traffic by Hour
• Next by thread: Re: Web Traffic by Hour
• Index(es):
  • Date
  • Thread

---

Relevant Pages RE: Slow login, network browsing on SBS 2003 ... I understand that several workstations in your SBS ... domain are having trouble logging in the domain and access the network ... shares on the SBS Server. ... Let's perform a Clean Boot on the problematic workstation. ... (microsoft.public.windows.server.sbs) Re: Small office Recomondations ... of SBS 2003 will work with Win9x machines, it's best to have either Win2K ... This may mean added $$$ for software/hardware for a total network ... NTBackup to do a nightly backup of the USB drive to the workstation hard ... saving data to the local hard drives). ... (microsoft.public.windows.server.sbs) Re: Setting up client computers after SBS 2003 install ... you are not going to get the good stuff that SBS should be providing. ... examples of how to set up your network. ... > administrator of both the workstation and the network user name so that I ... > "Roger" wrote in message ... (microsoft.public.windows.server.sbs) Re: Cliients Cannot ping or connect to new SBS 2003 Server ... Win2k3 SP2 but that seems very messy and may force a complete server rebuild. ... pinging one workstation from another? ... you may need to install Network Monitor on the ... See what SBS support is working on ... (microsoft.public.windows.server.sbs) Re: Web Traffic by Hour ... good workstation and the network connection to the hub. ... Wireshark and watch what is happening. ... (microsoft.public.windows.server.sbs)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.sbs  > 2008-09