P
Phil McNeill
Hi,
Since Friday roughly 30 PCs on my network of 600 have been sending traffic
to 157.184.0.2 via TCP port 123 (NTP). I am seeing this traffic being
dropped outbound at my firewall and each PC is generating it every 15
seconds. I don't understand why they would all of a sudden start doing
this. I don't see any rogue processes or services running, and if I turn
off the Windows Time Service on the PC, it stops sending the traffic.
Any ideas on what would cause this to pop up all of a sudden on a small
percentage of PCs? Possible that a common print driver could cause this? I
see references to that IP range being the default for some Lexmark printers.
Thanks for any thoughts!
Phil
Since Friday roughly 30 PCs on my network of 600 have been sending traffic
to 157.184.0.2 via TCP port 123 (NTP). I am seeing this traffic being
dropped outbound at my firewall and each PC is generating it every 15
seconds. I don't understand why they would all of a sudden start doing
this. I don't see any rogue processes or services running, and if I turn
off the Windows Time Service on the PC, it stops sending the traffic.
Any ideas on what would cause this to pop up all of a sudden on a small
percentage of PCs? Possible that a common print driver could cause this? I
see references to that IP range being the default for some Lexmark printers.
Thanks for any thoughts!
Phil