Jump to content
Login with your Gmail HERE and start posting in seconds! ×

Problem With New Pc

opalhort

By opalhort
in IT and Computers

 Share

Recommended Posts

opalhort Platinum Member

opalhort

Posted
Posted

Hi,

I just got a new PC (WIN-XP-Pro (legal!))

We have three other PCs (2 WIN-XP and one WIN98) on an ADSL router.

I observed constant data traffic between the new PC and one other WIN-XP PC.

All PCs are clean (spyware/Virus).

When I disable 'file/printer sharing' on either one of the affected PCs the traffic stops.

All running process on both PCs are the ones which should be running as far as I can judge.

HDD indicators:

on the older PC the red light is almost constantly on with occasional blinking, on the new PC the HDD activity light is very low (running on-off at high frequency).

First I thought this may have something to do with the PCs indexing the files but after 5 days (not 24/7 - the new PC is only on for 2-3hrs. a day for now) it is still going on and I have some doubts as to what may be running, causing the two PCs talking to each other all the time.

How can I find out which PC is the initiator of the traffic and which process/program is responsible for it?

All other data traffic to/from the other PCs and the Internet via the router are accounted for and correct. The problem is only between the two PCs on the LAN.

Any ideas?

opalhort

cdnvic Star Member

cdnvic

Posted
Posted

That's most likely NetBios traffic resulting from file and print sharing being enabled. It's nothing to sweat unless you want to squeeze every last drop of bandwidth.

Simmo Silver Member

Simmo

Posted
Posted

Install ethereal on one of the PC's then run a packet capture to see what the traffic is. Sounds pretty normal if you're sharing a printer or file share from one to the other.

silvero Senior Member

silvero

Posted
Posted
How can I find out which PC is the initiator of the traffic and which process/program is responsible for it?

Download and run TcpView from here:

http://www.microsoft.com/technet/sysintern...ng/TcpView.mspx

From sysinternals.com: ... it will enumerate all active TCP and UDP endpoints, resolving all IP addresses to their domain name versions. You can use a toolbar button or menu item to toggle the display of resolved names. On Windows XP systems, TCPView shows the name of the process that owns each endpoint.

I'd agree with previous posters that it all sounds very normal, but it's good to check.

opalhort Platinum Member

opalhort

Posted
  • Author
Posted

Thanks for all your replies and links.

I used the TcpView.

the traffic originates from the new PC, process: System4, address:netbios-ssn and microsoft-ds

(whatever that means)

I was only wondering why this has been going on for so many days already, but it appears to (hopefully?) harmless.

opalhort

cdnvic Star Member

cdnvic

Posted
Posted
Thanks for all your replies and links.

I used the TcpView.

the traffic originates from the new PC, process: System4, address:netbios-ssn and microsoft-ds

(whatever that means)

That is normal traffic for file/print sharing then.

rio666uk Gold Member

rio666uk

Posted
Posted

nothing further to add... but its interesting (in a dull networky way) to, as suggested, run ethereal and actually watch the various protocol traffic passing from a to b

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.






ASEANNOW

ASEANNOW (formerly Thai Visa) Thailand's oldest and most popular forum for expats and foreigners.

Sign up today and have your say

MORE INFO

POPULAR AREAS

CONTACT US

219/59 Asoke Towers, 15th Floor, Soi Sukhumvit 21, Watthana, Bangkok 10110
(+66) 99 196 1100
[email protected]

×
×
  • Create New...