Computer networks
ilya8cg, 2021-10-07 12:55:53

How to identify a separate machine downloading the traffic of the enterprise network?

Hello! In general, there is an organization in which there are about fifty working machines + 15 servers with raised virtual machines of various kinds and purposes. Recently, for unknown reasons, the network speed has dropped in the organization - it feels like someone turned off the optics and connected the good old ADSL at a speed of 800 Kb/s (moreover, it is important to note that the speed fell to an exactly fixed value and has been working in this mode for about a week).

Now there is an assumption that the old Zentyal server version 4 can create a problem, but despite this, I also had a great desire to analyze the enterprise network. This is also important because there are no special restrictions on installing and configuring software on computers in the organization, so anyone can safely install a torrent client and drive traffic. To solve this problem, I thought of using Wireshark, but to be honest, I'm not sure that it is necessary to use it - firstly, because apart from this software I don't know other sniffers, and secondly, I am also familiar with Wireshark only in absentia and therefore I am not competent enough in this matter.

I would appreciate any help and advice. Peace everyone!


3 answer(s)
Gansterito, 2021-10-07
@Gansterito

0. Install fully managed hardware (switches).
1. Segment the network. By geography (building, wing, floor), by structural subdivisions (department, department) - whatever you like. Separately - a segment for cameras and access control.
2. Install a router / firewall and strictly delimit internal access according to functional criteria (like design engineers do not need access to 1C, and an accountant does not need access to git).
3. Release to the public internet through a proxy / firewall, taking into account access rights.

Ronald McDonald, 2021-10-07
@Zoominger

Go to the router and look, usually there is a page with information.
And call your ISP just in case.

DDwrt100, 2021-10-11
@DDwrt100

Configure SNMP on hardware and servers.
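
Once SNMP is enabled, the per-port octet counters from IF-MIB (ifInOctets / ifOutOctets) can be polled twice and turned into a ranking of the busiest switch ports. The following is an added example, not part of the original answer; the port names and counter values are constructed, and it assumes the counters have already been collected by whatever SNMP tool is in use.

```python
# Added example: rank switch ports by throughput from two SNMP counter polls.
# Sample data is constructed; port names and values are hypothetical.
from dataclasses import dataclass

WRAP32 = 2**32  # ifInOctets/ifOutOctets are 32-bit counters and wrap around

@dataclass
class Poll:
    ts: float     # poll time in seconds
    octets: dict  # port name -> (in_octets, out_octets)

def delta(old, new, modulus=WRAP32):
    """Counter difference that tolerates a single wrap between polls."""
    return (new - old) % modulus

def top_talkers(first, second, modulus=WRAP32):
    """Return [(port, in_bps, out_bps)] sorted by total rate, highest first."""
    interval = second.ts - first.ts
    if interval <= 0:
        raise ValueError("polls must be in chronological order")
    rates = []
    for port, (in1, out1) in first.octets.items():
        if port not in second.octets:  # port disappeared between polls
            continue
        in2, out2 = second.octets[port]
        in_bps = delta(in1, in2, modulus) * 8 / interval
        out_bps = delta(out1, out2, modulus) * 8 / interval
        rates.append((port, in_bps, out_bps))
    return sorted(rates, key=lambda r: r[1] + r[2], reverse=True)

# Constructed sample: two polls taken 60 seconds apart.
POLL_A = Poll(0.0, {"Gi0/1": (1_000_000, 2_000_000),
                    "Gi0/2": (4_294_000_000, 500_000),
                    "Gi0/3": (10_000, 20_000)})
POLL_B = Poll(60.0, {"Gi0/1": (1_600_000, 2_300_000),
                     "Gi0/2": (300_000_000, 800_000),  # in counter wrapped
                     "Gi0/3": (10_600, 20_300)})

if __name__ == "__main__":
    for port, in_bps, out_bps in top_talkers(POLL_A, POLL_B):
        print(f"{port}: in {in_bps / 1e6:.2f} Mbit/s, out {out_bps / 1e6:.2f} Mbit/s")
```

On gigabit links a 32-bit counter can wrap more than once within a long poll interval, so either poll frequently or read the 64-bit ifHCInOctets / ifHCOutOctets counters and pass `modulus=2**64`.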
