I just started using Wireshark because of a network problem I have been
having problems tracking down. Several times during the day, our switches
became "pegged" and no computer was able to access network resources, or get
online.

I installed Wireshark on our domain controller and noticed there was 1
computer that has thousands of "DCERPC [TCP Retransmission] Request: call_id
442527 opnum: 69 ctx_idx:" packets, in a short amount of time, and little
more than DNS/ARP/BROWSER transmissions from any other computer on the
network.

I picked up this laptop and found nothing out of the ordinary, hardware- or
software-wise. We are running network-based antivirus and that found nothing
as well.

Being new to Wireshark, and analyzing packets in general, I was hoping
someone could give me a basis on where to start with this. Are these DCERPC
transmissions causing my network outage or do I need to start looking
elsewhere?

A little background on the network: We are a small Catholic school of less
than 400 students, all with mobile laptops. Fiber runs through the backbone,
wireless access points throughout the school, several servers all running
some version of Windows.

Thanks for the help.

Tony.

_______________________________________________
Wireshark-users mailing list
Wireshark-users@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-users
