A Case Study of Network Fault Analysis in a Hospital

1. Background

According to user feedback from the First Hospital of a certain city, access to the internal business system has recently been slow, which seriously affects user experience and work efficiency.

To solve this problem, we provide real-time and historical raw traffic through the NetInside traffic analysis system, and focus on tracking and analyzing abnormal network traffic to find the specific reasons for the slow network access.

2. Phenomenon

According to user feedback, network freezes began to occur at 13:30 on March 17, 2023. The technician pinged the server address and saw packet loss, as shown in the figure below:

3. Detailed analysis

To investigate the problem described above, we carried out the following detailed analysis.

3.1 Analysis ideas

Track server user experience.

Check the Worm Dynamics data view information under Security Analysis.

Follow up on the specific infected server.

3.2 Detailed Analysis

Host User Experience Analysis

The investigation found that the user experience of server addresses XXX.XXX.2.173 and XXX.XXX.2.173 was good in the morning, with an average experience time within 0.2 seconds. There were some peaks in the afternoon, reaching 0.8 seconds, which had some impact.

Security Analysis

In "Security Analysis" - "Dynamic Worm Virus Data View", one server in the network showed abnormal behavior, and the worm virus graph rose significantly.

Drilling down with the right-click analysis showed that server XXX.XXX.2.90 had 1,201,680 failed requests to port 445 from 0:00 to 17:56 that day.

Another analysis on March 20 showed 815,830 failed requests to port 445 from 0:00 to 11:30.

The analysis found that this server is infected. Sending such a large number of requests to internal and external addresses this frequently every day has a serious impact on the network.
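The per-host check behind these figures, as an added example that is not part of the original write-up or of the NetInside product: it counts failed connections to port 445 per source in flow records and flags hosts whose attempts almost all fail across many targets. The record layout, the state codes (borrowed from Zeek's conn_state), the thresholds and the addresses are assumptions constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed sample flow records (documentation addresses, not the hospital's).
# Columns: time, source, destination, destination port, connection state.
# Assumed state codes: S0 = no reply, REJ = rejected, SF = completed normally.
SAMPLE_FLOWS = """\
13:30:01,192.0.2.90,192.0.2.14,445,S0
13:30:01,192.0.2.90,192.0.2.15,445,REJ
13:30:01,192.0.2.90,192.0.2.16,445,S0
13:30:02,192.0.2.90,198.51.100.7,445,S0
13:30:02,192.0.2.90,198.51.100.8,445,S0
13:30:02,192.0.2.90,203.0.113.21,445,S0
13:30:03,192.0.2.33,192.0.2.10,445,SF
13:30:04,192.0.2.33,192.0.2.10,445,SF
13:30:05,192.0.2.33,192.0.2.11,445,S0
13:30:06,192.0.2.33,192.0.2.10,443,SF
"""

FAILED_STATES = {"S0", "REJ"}

def failed_by_source(flow_csv, port=445):
    """Return {source: {"failed": n, "total": n, "targets": set}} for one port."""
    stats = defaultdict(lambda: {"failed": 0, "total": 0, "targets": set()})
    for row in csv.reader(io.StringIO(flow_csv)):
        row = [field.strip() for field in row]
        if len(row) != 5 or not row[3].isdigit() or int(row[3]) != port:
            continue  # skip blank or malformed lines and other ports
        _, src, dst, _, state = row
        entry = stats[src]
        entry["total"] += 1
        if state in FAILED_STATES:
            entry["failed"] += 1
            entry["targets"].add(dst)
    return dict(stats)

def suspected_scanners(stats, min_failed=5, min_targets=4, min_fail_ratio=0.9):
    """Flag sources whose port-445 traffic is mostly failures over many hosts."""
    # Thresholds are sized for the tiny sample; tune them to the site's baseline.
    return sorted(
        src for src, s in stats.items()
        if s["failed"] >= min_failed
        and len(s["targets"]) >= min_targets
        and s["failed"] / s["total"] >= min_fail_ratio
    )

if __name__ == "__main__":
    print(suspected_scanners(failed_by_source(SAMPLE_FLOWS)))
```

Combining the failure ratio with the number of distinct targets keeps a file-server client with an occasional failed SMB connection from being flagged alongside the scanning host.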

4. Analysis conclusion

The analysis above shows that the network is stalling: a large number of abnormal server requests appear in the network, resulting in the freezes users experience.

5. Suggestions

The analysis of the First Hospital's data shows abnormal requests on the network. We recommend further analysis and repair based on the actual situation of the network.

Origin blog.csdn.net/NetInside_/article/details/130081568