This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Lansweeper Service attempting to communicate to the internet

TribuneLanSweep
Engaged Sweeper

‎05-18-2009 06:55 PM

We're hearing from our security people, Lansweeper, with Active Scanning enabled, is trying to make connections outside of our network thru port 135. Needless to say, the security folks are watching this very carefully. We know 135 is used to make the initial connection by DCOM to the remote machine being scanned. We can't understand why it would also attempt access to the internet. We're running 3.5.1 upgraded from 3.5 which was upgraded from 3.2.

Everything else is behaving nicely (Excpet, we can't talk to NT machines)

Thanks in advance
Labels:
0 Kudos
4 REPLIES 4
TribuneLanSweep
Engaged Sweeper

‎05-18-2009 10:11 PM

Thanks for the help! We have a place to start
0 Kudos
TribuneLanSweep
Engaged Sweeper

‎05-18-2009 09:26 PM

Thanks for the quick reply. The issue isn't that lansweeper's having problems finding clients thru ACTIVE SCANNING. Active scanning is enabled and it appears to be functioning. Machines are being discovered and the DB is growing. The issue is there seems to be traffic from lansweeper trying to access the internet. At least this is what I'm hearing from network security. There are some AD domain namespaces within our enterprise with the .COM in the namespace. Could that factor in to this?
0 Kudos
Hemoco
Lansweeper Alumni
In response to TribuneLanSweep

‎05-18-2009 09:49 PM

TribuneLanSweeper wrote:
There are some AD domain namespaces within our enterprise with the .COM in the namespace. Could that factor in to this?


I understand your issue.

If the dns is somehow misconfigured it's possible.
We had one client who had this problem with one subdomain ending on .net. (all subdomain ended on "company.net" but the settings for this one subdomain solved the problem)
As a result several other problems they didn't know they had were solved meanwhile.
0 Kudos
Hemoco
Lansweeper Alumni

‎05-18-2009 09:09 PM

Is this with active scanning or with lsclient?
Active scanning gets the computer's FQDN name from active directory and tries to scan this first.
If this fails it tries the netbios name and the IP address (queried from dns) (both these 3 on port 135 first)

It could be that:

A fqdn is misconfigured
DNS lookups is misconfigured.

To which IP is Lansweeper connecting?
Maybe you can do a reverse lookup to find out the domain name.

You could take a look at your error table to see which computers are failing.

PS.
only win2000 and above is supported.
0 Kudos

Archive

This board contains archived posts from the retired Lansweeper Forum and Insiders Community.

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now