If you are still in the warranty/support contract for Sonic Wall try
contacting them for what the cause could be and what logs you could check.
My Netscreen I use at home will display how many outgoing sessions each
computer [by IP address] is using. In addition to anti virus software I
would can for Spyware with something like AdAware being sure to update it's
definitions before scanning. There is a free tool from SysInternals called
TCPView that you can use to view the network connections that a computer is
using. It shows the destination IP addresses and ports being used. While a
computer can have multiple sessions your network would be averaging about 25
per computer. Netstat will also show the established connections on a
computer whether lan or wan. If you use the psexec tool from SysInternals
you could run netstat [or any other command line tool] remotely on the other
network computers. If you are not using a default block all outgoing
firewall rule, you may want to implement one and allow users to access only
authorized outbound ports. That would also help shut down trojan traffic
[hopefully you don't have any] . --- Steve
http://www.sysinternals.com/ntw2k/source/tcpview.shtml
http://www.sysinternals.com/ntw2k/freeware/psexec.shtml
"rob" <(E-Mail Removed)> wrote in message
news:241601c4a4ca$9130f3b0$(E-Mail Removed)...
> We are running MS Server 2003, using a 3rd party firewall
> called SonicWall. We have approx 80 users, and every 4-5
> hours, the firewall exceeds its connections of 2048. We
> can't understand how it could reach 2048 connections with
> only 80 users.
> We've scanned all PC's manually and forced with Symantec
> AntiVirus 8.1 and havent found any 'know' viruses that
> could be causing this. The logs on the firewall arent
> very helpful
> Any ideas where to point me to look for the problem.
>
> Any input welcome.
> rb
Similar Threads
Linear Mode
