R
Ramses Soto-Navarro
I found several Windows workstations on our network broadcasting many times
pers minute. One workstation sent 130+ broadcasts in one hour. Is htat
normal? I noticed it was a Windows NT 4 workstation and I updated it with
SP6 and all Windows Updates. I also noticed that my switches have all lights
blinking all at the same time a few times per second. The speed on the
network seems sluggish sometimes.
Our Exchange server is the one sending the most broadcasts. 195 broadcasts
in one hour. I was able to find these entries using Snort under Linux. I
created a snorth binary dump then using tcpdump and sed I was able to find
the computers broadcasting to .255.
Is it normal for an Exchange server to broadcast 200 times per hour? Is it
normal for a Windows NT 4 workstation and to broadcast more than 100 times
per hour. I also had several Windows 2000 workstations broadcast about every
seconds. I checked our Norton Antivirus server and it did not report any new
infections. We're going around doing as many W2K SP4 updates as possible.
Should I also do the msblast update? What do you recommend?
pers minute. One workstation sent 130+ broadcasts in one hour. Is htat
normal? I noticed it was a Windows NT 4 workstation and I updated it with
SP6 and all Windows Updates. I also noticed that my switches have all lights
blinking all at the same time a few times per second. The speed on the
network seems sluggish sometimes.
Our Exchange server is the one sending the most broadcasts. 195 broadcasts
in one hour. I was able to find these entries using Snort under Linux. I
created a snorth binary dump then using tcpdump and sed I was able to find
the computers broadcasting to .255.
Is it normal for an Exchange server to broadcast 200 times per hour? Is it
normal for a Windows NT 4 workstation and to broadcast more than 100 times
per hour. I also had several Windows 2000 workstations broadcast about every
seconds. I checked our Norton Antivirus server and it did not report any new
infections. We're going around doing as many W2K SP4 updates as possible.
Should I also do the msblast update? What do you recommend?