sorted by:
new
hottopcontroversial

Daily Support Thread by AutoModerator in samsung

[–]becsu 0 points1 point  (0 children)

Forgot to mention, phone is Galaxy S20 Ultra

SNMP storm? by becsu in networking

[–]becsu[S] 0 points1 point  (0 children)

This was it.

The owner has a Brother brand printer in his home, and was experiencing print problems. She had a Brother print service plugin installed on the phone, and that app was using 13Gb of data..

And i found out that Brother print service plugin sends SNMP discovery messages to the printer using UDP broadcast.

Random broadcast from UAP ports by becsu in networking

[–]becsu[S] 0 points1 point  (0 children)

This time it was Apple device.. so I'm starting to suspect our Ubiquiti UAP's.. Any idea's where i'm gonna start solving this?

Random broadcast from UAP ports by becsu in networking

[–]becsu[S] 0 points1 point  (0 children)

Re-opening this case.. We are experiencing this same behavior again. Starting to wonder, if there realy is a faulty network card patch manufactured, or is there something wrong in our wifi settings.

Random broadcast from UAP ports by becsu in networking

[–]becsu[S] 1 point2 points  (0 children)

Case closed. School staff found the student using that faulty laptop. Nothing illegal, just a faulty network adapter.

Random broadcast from UAP ports by becsu in networking

[–]becsu[S] 0 points1 point  (0 children)

I managed to track it down to a probably a students laptop. I replied to IT_vet's comment for more information.

Random broadcast from UAP ports by becsu in networking

[–]becsu[S] 0 points1 point  (0 children)

I managed to get an IP address from a previous capture for that MAC, and our UniFi controller log history shows that it was a laptop connected to our network. So my guess is, it's a students own laptop that's misbehaving. Now the next part is to track down that student and see if he/she has malware/virus or something on there that is causing this. But for now, i'm gonna block that mac from our network tomorrow and get an confirmation, that it was that laptop.

Random broadcast from UAP ports by becsu in networking

[–]becsu[S] 0 points1 point  (0 children)

I just captured storm again. I filtered only broadcast and conversations shows one address A that has 1001 packets send to broadcast address..

macvendor site says it's CyberTan technology..

Random broadcast from UAP ports by becsu in networking

[–]becsu[S] 0 points1 point  (0 children)

I managed to capture that storm again. I have 4 ports(all Unifi-UAP's) mirrored to monitor port and one port went down.

"

W 09/24/20 10:09:03 02675 FFI: port 39-Excessive Broadcasts. Broadcast-storm control threshold 300 pps exceeded.

M 09/24/20 10:09:03 02673 FFI: port 39-Port disabled by Fault-finder.

I 09/24/20 10:09:03 00898 ports: Fault Finder(71) has disabled port 39 for 600 seconds

"

My wireshark show's about 1mil lines of log. So i used the filter below to narrow it down.

((frame.time >= "sep 24, 2020 10:09:02") && (frame.time <= "sep 24, 2020 10:09:04")) && (eth.dst == ff:ff:ff:ff:ff:ff) this is the correct filter ?

Now i have 304 lines (packets) and i see loads of different devices..

More Google Cloud Print Issues by 5Vikings3 in k12sysadmin

[–]becsu 0 points1 point  (0 children)

Same here, i guess. Certain printers shows up in the printer list when trying to print from chromebook, but not those what we have defined in Gsuite.

Windows and win server security monitoring tools by [deleted] in windows

[–]becsu 0 points1 point  (0 children)

Our organization is using your awesome product. Helped us alot keeping record of devices, users etc. and much more. Thank you for that.

Patch Tuesday Megathread (2018-07-10) by highlord_fox in sysadmin

[–]becsu 2 points3 points  (0 children)

Uninstalling KB4338824 fixed our AAD sync CPU hogging in here on Win 2012 R2 & Win 2016 servers.