Prev: Remote Desktop Help Urgently Needed-SBS 2003
Next: "SBS & EBS Users" group name change on LinkedIn
From: Poodle on 28 Mar 2010 15:00
It would seem I have finally identified the calprit:
deploy.akamaitechnologies.com. The server has been connecting to this website
at every hour of the day. And from what the little that I read from certain
blogs, this is sort of "normal", as some companies use Akamai servers to host
their services, especialy certain antivirus softwares. But I have nonetheless
blocked it and today I saw a significant drop in bandwidth usage. The upside
however is that it would seem NOD32 cant update now. So Im stuck in a dilema.
Any suggestions on how to overcome the akamai servers?
--
Poodle



"Jim Behning SBS MVP" wrote:

> What does the UTM report for workstation usage? I like running
> Wireshark on a problem machine to see what traffic is happening.
> Doesn't your UTM show what the high traffic sites are? Or does it have
> a real time log you can watch?
>
> Do not trust that just one scan system will catch a bug. Run
> Superantispyware, Malwarebytes and something else to see what other
> scanners see.
>
> Back to Wireshark.Use it and also run the SBS best practices analyzer.
>
> I wonder if your machine might be spamming or an open relay. Open
> relay takes so skill to make happen though but a rough smtp engine
> might happen.
>
> On Thu, 25 Mar 2010 01:55:01 -0700, Poodle
> <Poodle(a)discussions.microsoft.com> wrote:
>
> >Hi guys
> >
> >I have SBS2008 Standard Edition. Recently, its been consuming excessive
> >bandwidth. According to my UTM logs, the server uses around 120MB evey hour
> >of the day, resulting in abt 1.6GB data usage daily. This has meant that our
> >5GB cap doesnt last at all. I have reconfigured WSUS to get the bare minimum
> >updates, updates only esential to the busines and also configured WSUS to
> >sync manually. This doesnt seem to have solved the problem. I ran a full
> >system scan using NOD32 antivirus and it found nothing. Forefront updates are
> >also now disabled, but to no resolve.
> >
> >Any ideas guys?
> See what SBS support is working on
> http://blogs.technet.com/sbs/default.aspx
> Check your SBS with the SBS Best Practices Analyzer
> http://blogs.technet.com/sbs/archive/tags/BPA/default.aspx
> .
>
From: Larry Struckmeyer[SBS-MVP] on 28 Mar 2010 15:18
Hi Poodle:

Turn on the auto update for only a short window of time in the middle of
the night? Many AV products allow one to update monthly, weekly, daily,
hourly.... choose weekly or daily?

-
Larry
Please post the resolution to your
issue so others may benefit
-
Get Your SBS Health Check at
www.sbsbpa.com


> It would seem I have finally identified the calprit:
> deploy.akamaitechnologies.com. The server has been connecting to this
> website at every hour of the day. And from what the little that I read
> from certain blogs, this is sort of "normal", as some companies use
> Akamai servers to host their services, especialy certain antivirus
> softwares. But I have nonetheless blocked it and today I saw a
> significant drop in bandwidth usage. The upside however is that it
> would seem NOD32 cant update now. So Im stuck in a dilema. Any
> suggestions on how to overcome the akamai servers?
>
> "Jim Behning SBS MVP" wrote:
>
>> What does the UTM report for workstation usage? I like running
>> Wireshark on a problem machine to see what traffic is happening.
>> Doesn't your UTM show what the high traffic sites are? Or does it
>> have a real time log you can watch?
>>
>> Do not trust that just one scan system will catch a bug. Run
>> Superantispyware, Malwarebytes and something else to see what other
>> scanners see.
>>
>> Back to Wireshark.Use it and also run the SBS best practices
>> analyzer.
>>
>> I wonder if your machine might be spamming or an open relay. Open
>> relay takes so skill to make happen though but a rough smtp engine
>> might happen.
>>
>> On Thu, 25 Mar 2010 01:55:01 -0700, Poodle
>> <Poodle(a)discussions.microsoft.com> wrote:
>>> Hi guys
>>>
>>> I have SBS2008 Standard Edition. Recently, its been consuming
>>> excessive bandwidth. According to my UTM logs, the server uses
>>> around 120MB evey hour of the day, resulting in abt 1.6GB data usage
>>> daily. This has meant that our 5GB cap doesnt last at all. I have
>>> reconfigured WSUS to get the bare minimum updates, updates only
>>> esential to the busines and also configured WSUS to sync manually.
>>> This doesnt seem to have solved the problem. I ran a full system
>>> scan using NOD32 antivirus and it found nothing. Forefront updates
>>> are also now disabled, but to no resolve.
>>>
>>> Any ideas guys?
>>>
>> See what SBS support is working on
>> http://blogs.technet.com/sbs/default.aspx
>> Check your SBS with the SBS Best Practices Analyzer
>> http://blogs.technet.com/sbs/archive/tags/BPA/default.aspx
>> .


First  |  Prev  | 
Pages: 1 2
Prev: Remote Desktop Help Urgently Needed-SBS 2003
Next: "SBS & EBS Users" group name change on LinkedIn