This is our old Q&A Site. Please post any new questions and answers at

I can no longer use google search . It says that my network is sending automatic requests. I discovered wireshark and I want to ask if I can use it to know what computer (lan ip) is sending all this queries to google. Maybe it has a virus or something.

If It's possible to do this, how do I do it ? Im not a network specialist.

asked 25 Nov '13, 01:41

Loling%20Stones's gravatar image

Loling Stones
accept rate: 0%

edited 26 Nov '13, 04:44

Kurt%20Knochner's gravatar image

Kurt Knochner ♦

It's possible for this to happen when you are using a proxy server; therefore, what I would suggest you do first is connect to Google through another internet connection to further see if it is the LAN that's actually causing this. I am still new to Wireshark as well, so I'd like to know the answer to your question as well. (:

Good Luck!

permanent link

answered 25 Nov '13, 06:15

GasShark's gravatar image

accept rate: 0%

Here is what google recommends to identify the problem.


And what google recommends (installing a few malware /antivirus and scaning for malicios software) is not viable

O.K. then you need to capture the traffic in front of your internet router (LAN side). Please read the following wiki how to do that

You will need to mirror/monitor the switch port where your internet router is connected to. If you don't have a switch with port mirroring, these are your options:

As soon as you can capture traffic, you need to run that capture for some time (maybe a few minutes, maybe a few hours, maybe days - if the offending device is currently switched off).

BEWARE: You cannot simply run Wireshark for several hours/days, as your system will run out of RAM. Instead, please use dumpcap to capture only traffic to google servers (based on IP ranges). Please read the Wireshark docs to figure out how that works!


permanent link

answered 25 Nov '13, 06:43

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
accept rate: 15%

edited 26 Nov '13, 04:46

The problem exists on all lan's devices, not just a computer. And what google recommends (installing a few malware /antivirus and scaning for malicios software) is not viable if for example you got 50 pcs (i dont have that many) in the network. Also a lot of pcs got top-end antivirus software, so it can be other reason for the high requests sent to google.

I was able to bypass this issue using different google servers (not the one given by DNS), but It would be nice to know how to use Wireshark to find the root of the problem.

(26 Nov '13, 04:16) Loling Stones

see the UPDATE in my answer.

(26 Nov '13, 04:41) Kurt Knochner ♦
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 25 Nov '13, 01:41

question was seen: 4,861 times

last updated: 26 Nov '13, 04:46

p​o​w​e​r​e​d by O​S​Q​A