This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Heavy Traffic to 1 IP address

FormerMember
FormerMember
The IP address in question is mine (IT Staff). Netflow is showing a large, consistent amount of traffic from my machine to multiple workstations on our internal network (on multiple subnets). When I investigate further I see the traffic is a set amount on the hour. I've double-checked that my pc is not sharing any files and don't see any disk activity indicating read/writes, etc. The traffic amount is in the range of 1.2 GB to 4.2 GB per day. Yesterday I was out of the office and Netflow is showing my computer moved 1.7 GB of traffic. When I disconnect my system from the network (pull the network cable) the traffic settles down. Any ideas of where to start tracking this down? Another bit of information. I run multiple tools from my desktop (Active Directory management, AntiVirus management, etc.).
  • FormerMember
    0 FormerMember
    Additional information on this problem. I've narrowed the traffic down to only Microsoft-DS and NetBIOS traffic. I made sure my system was not acting as a Master Browser to rule that out. Any ideas why the system is generating so much traffic?
  • I have also seen large ammounts of Microsoft-DS traffic on pc's within LANs using NTA. From what I could work out it was Windows file sharing.. But its odd that you are not seeing any disk activity or traffic...

    Maybe give TDImon a run and double check network activity..