0

i have a network of about 40 domain users and i have huge latency wan issues, like 1400ms for google.com pings. I have noticed that the problem goes away after everyone goes home for the day. I would like to know if i should use something like a hub with wireshark on the router or modem to see if there are any irregular activity. I am open to suggestions but i need to isolate which user has the bug. I am assuming it is either downloads or someone spamming out heavily and not knowing. It would be best to trace to ip number so i can just look into dns and find the pc hostname with the problem? This is the first client i have this problem with so never really needed to address it before but not suprised as users don't actually listen to any best practices that we have suggested. Please help, thanks.

just to update, pc's to routers and other computers have ping latency of 1ms so it is right after i hit the wan, using tracert to a web site (random), that i get the massive delay in the responses. As well this is a dsl line with 5mb down and 650kb up (maybe upload saturation?) thanks.

dasko
  • 1,244
  • 1
  • 22
  • 30
  • did it quick and dirty, had a script to log in users as they came in, had a ping program, ping program went from 20ms to 1500ms with timestamp, took timestamp and cross ref to users login into domain. found about 4 that were in that time frame, kept ping running, unplugged each jack and watched till ping went back to 20ms approx, found user with infected system and trojan, gonna wipe. Earlier i said there were 40 users my MISTAKE, i meant to say there are 400 users on this network. anyways, thanks for the suggestions but the above worked much more elegantly.gd –  Apr 21 '10 at 15:57

1 Answers1

1

With only a 650kbps up and 40 users I would be surprised if your up link is not saturated pretty much constantly during the day.

As for how to monitor bandwidth, that was covered pretty extensivly here

Community
  • 1
Zypher
  • 37,405
  • 5
  • 53
  • 95