Hey everyone, I'm new and I've got something that has baffled me!
My network consists of 40 XP machines, 5 2003 servers and 3 Fedora servers. I also have a WatchGuard firewall/router in place as my gateway.
My problem:
Last week a computer started flooding the network with ICMP pings. Enough to bring us down completely. Nothing was wrong with that PC. I scanned every inch of it, every which way. It had an IP of 192.168.1.81. I found that any computer that gets that IP (no matter if it's through DHCP or statically configured) floods the network.
I checked to make sure we had no rules in the firewall that pertained to that IP and we did not. I excluded that IP from the DHCP scope so that no one would get it. I've since been searching for the source. This week I had ANOTHER IP (192.168.1.190) cause that same trouble. The original IP that was causing this is no longer giving any problems, just the 192.168.1.190. It's like something morphed?
Does anyone have any ideas? I'm so lost! If this happens to one of my production servers, I'm going to be in a mess!
Thanks in advance for any insight!