Help Troubleshooting Office Network Traffic
Ima no expert in networking, tot maybe this is the place to seek enlightenment.
There are 3 PCs on my company's network that is generating 30% of the entire office's traffic. My company has about 100+ PCs, mostly blocked from web content.
PC1: 44,023,823 packets | 62.2GB
PC2: 38,954,530 packets | 48.8GB
PC3: 33,246,492 packets | 37.3GB
Are these normal at all? They are all HTTP-ALT port 8080 traffic.
Outbound Traffic outnumbered inbound by 34Mbps:1.63Mbps
Even during ghost hours like 1-4am there are still traffic generated.
And the firewall is showing the below which I assumed are malware/virus footprint.
- OS-WINDOWS Microsoft Windows SMB anonymous session IPC share access attempt
- FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt
- PROTOCOL-DNS DNS query amplification attempt
Any help will be much appreciated.