Further confirm that there is definitely an automatic scanning attack on the host< Br/>
&Nbsp& Nbsp; Fault handling: After identifying the root cause of the problem, the host was isolated. After a period of testing, the network packet loss phenomenon was alleviated, but the problem was not fundamentally resolved. So the network protocol analysis system was restarted to capture and analyze, and another host with a similar situation was discovered. Based on this, it can be concluded that both hosts are infected with a virus, and the virus will actively scan other hosts in the network to see if they have opened the TCP445 port. If a host opens the port, it will attack and infect that host. This cycle triggered the aforementioned network failure. Immediately physically isolate the two newly discovered hosts infected with the virus, restore network communication to normal, and then perform antivirus treatment on the terminal< Br/>
&Nbsp& Nbsp; (3) The network data packet has experienced severe latency, and services such as downloading and browsing cannot be used normally.
&Nbsp& Nbsp; Fault phenomenon: The daily data sharing within the local area network is normal, but the speed of outgoing browsing and downloading data significantly decreases. When using the Ping command, it was found that the network latency in a certain direction is particularly high, and there is even a small amount of packet loss< Br/>
&Nbsp& Nbsp; Fault analysis: Generally, telnet is used to remotely log in to the switch in that direction. Taking Huawei series switches as an example, enter the following command:
&Nbsp& Nbsp# Displaycpu View Switch CPU Utilization
&Nbsp& Nbsp# Displaymemory to view memory utilization
&Nbsp& Nbsp; Discover that both are very high, and then enter the command
&Nbsp& Nbsp# Displayinterface port number, check the data traffic under each port, and find that two of the ports have particularly high data traffic, which is much higher than the normal network traffic. Through packet analysis of its data flow, it was found that multiple threads were pointing to a movie section on a certain website. To avoid affecting the smooth flow of the entire network, the connected switch was processed< Br/>
&Nbsp& Nbsp; Fault handling: Enter the port configuration interface, enter the Shutdown command, forcibly close the port to disconnect it from the network, contact the terminal user, and instruct them to terminate the download process before restoring their network< Br/>
&Nbsp& Nbsp; There are many factors that can cause network packet loss, with randomness and contingency. Therefore, as a network manager, it is necessary to consider various factors, master network troubleshooting skills, and accumulate practical experience in order to quickly locate and eliminate network faults< Br/>
&Nbsp& Nbsp; Seten, a trusted server hardware and solution provider in the global digital processUsing&quo; Spot+Agency quo; Model, rapid response, specialized management, and professional and efficient services to assist partners in achieving digital upgrades and winning the new data era. Seten has three main product lines: Samsung SSD, Memory (RDIMM), SOLIDIGMSSD, and Broadcom network products. At the same time, it is also a distributor for NVIDIA Melosi network products and ultra fusion XFUSION servers.