Re: Does listening to my network create extra traffic?

From: Dave Korn (no.spam_at_my.mailbox.invalid)
Date: 10/24/03


Date: Fri, 24 Oct 2003 14:54:57 +0100


<n1pop@hotmail.com> wrote in message
news:f1e2a8c5.0310201444.776c42a6@posting.google.com...
> "Randell D." <you.can.email.me@randelld.at.yahoo.com> wrote in message
news:<O5Mkb.131874$9l5.63091@pd7tw2no>...
>
> > well... if I'm listening to my network, am I doing just that?
>
> Yes.
>
> > Will these
> > programs create any extra traffic on my network?
>
> No. Programs that monitor network traffic do not add to the volume.

.... except that a lot of them (tcpdump and ethereal included) will send DNS
requests to convert the IP addresses they see into human-readable names for
their output. Most software of this kind also has options to disable
name-resolution, but at least for the two I mentioned, it's not done by
default.

  It's generally not a great deal of traffic, but just suppose for example a
box on your network gets hit by some slammer style-worm that goes sending
packets to random addresses? Then for every packet the worm sent, your
network sniffer would send a DNS lookup request, and your DNS server would
send a reply - effectively tripling the amount of traffic the worm itself
would have caused. Apart from this scenario, I can't imagine any other case
where a sniffer would contribute any significant amount of traffic.

   cheers,
        DaveK

--
moderator of
alt.talk.rec.soc.biz.news.comp.humanities.meow.misc.moderated.meow
Burn your ID card!  http://www.optional-identity.org.uk/
Help support the campaign, copy this into your .sig!
Proud Member of the Exclusive "I have been plonked by Davee because he
thinks I'm interesting" List Member #<insert number here>
Master of Many Meowing Minions
Holder of the exhalted PF Chang's Crab Wonton Award for kook spankage above
and beyond the call of hilarity.
PGP Key-ID: 0x0FB504D1 Fingerprint 04B7 2E8C 0245 680E  6484 C441 CEC7 D2BD


Relevant Pages

  • Re: Help with initial small org AD setup convention when using DMZ network
    ... Consider using Dynamic DNS internally (aka Active Directory Integrated ... > firewall which then connects the public IP dmz network to a private IP ... > domain name for such subnets based on the nearest airport code, ... > servers to serve acme.com names for external users. ...
    (microsoft.public.win2000.active_directory)
  • Re: About DNS naming convention for Active Directory
    ... Here's what I did so far, I set up a private network consists of the ... I did an in-place upgrade of the NT4 PDC to Active Directory 2003, ... I had no DNS service at all. ... Joined the 2003 Server as a member server and that went well too. ...
    (microsoft.public.windows.server.dns)
  • Re: IE cant connect to any sites
    ... On the General tab in the Temporary Internet Files Folder, ... Click on "LAN Settings" and make sure everything is blank, ... Network settings ... IP address automatically", click on the DNS tab, disable DNS here, click ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: How do my server 2003 (DNS) know the Internet?
    ... The Multihomed function is not for Internet access. ... has an ip of 156.40.10.10 for that network. ... It is due to a number of reasons, mainly DNS registration of both NICs, whereas you do not want that. ... It's highly recommended to single home all DCs and use a non-DC for the multihoming purposes. ...
    (microsoft.public.windows.server.dns)
  • Re: IE connection issue
    ... Click on "LAN Settings" and make sure everything is blank, ... Network settings ... IP address automatically", click on the DNS tab, disable DNS here, click ... To restore damaged or corrupt Winsock files. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)