General discussion

Locked

Network Traffic

By milesrrs ·
Hi
im running w2k server on a small home network, and using a dial up connection for the net....recently, i have noticed that everytime i dial up to the net there seems to be constantly data being sent out on the modem. I have currently been connected to the net for 10 minuts and have sent nearly 5Mb out, even though i havent sent virtually anything. i have run Norton Anti virus and it has not picked anything up, but there is something sending data....any ideas on how to track it down

thanks

Adrian

This conversation is currently closed to new comments.

14 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Network Traffic

by Raffi_ In reply to Network Traffic

It could be a lot of things. :-|

I suggest that you install a firewall and port monitor suh as this one:

http://www.sygate.com/products/shield_ov.htm

Please do make sure that your server has ALL of the latest seurity patches from MS. Havingthe Code Red worm for instance would cause your network to exhibit this behaviour.

Regards
Raffi_

Collapse -

Network Traffic

by milesrrs In reply to Network Traffic

The question was auto-closed by TechRepublic

Collapse -

Network Traffic

by gmscne In reply to Network Traffic

ZoneAlarm will tell you what programs are attempting to communicate with the Internet. You can let a program have this access or you can say no access for the program. It will prompt you for permission on each program trying to communicate. You needto find out what is sending out all this data. It could be spyware. Windows media player 8 and realplayer 8 are such programs.

Collapse -

Network Traffic

by milesrrs In reply to Network Traffic

The question was auto-closed by TechRepublic

Collapse -

Network Traffic

by RAMAC-9846778 In reply to Network Traffic

You might want to go to symantec.com and get the most current upgrade or run some of their worm detection programs. Denial of Service viruses work by running a program on your machine that will send out data to a target computer, when you have a fewthousand machines sending data to the same PC the bandwidth goes away fast.

Hope this helps

Collapse -

Network Traffic

by RAMAC-9846778 In reply to Network Traffic

By the way, I agree with Raffi, since you are running the server version you should check your system for Code Red and symentec's site has a program that will check for Code Red. Also, unless you have a brand new update (within the last couple of weeks) for your virus checker it probably will not detect Code Red.

Collapse -

Network Traffic

by milesrrs In reply to Network Traffic

The question was auto-closed by TechRepublic

Collapse -

Network Traffic

by agustin.rodriguez In reply to Network Traffic

Adrian: since you are running win2k server you should probably make sure that you file and print services anre not utilized trought the modem by disabling the on the bindings also In addition to that I would go to grc.com to do a scan of open portsand see what services you are running that are exposed to the internet. Using the software firewall is also a great idea but it is more likely the Active direcotory bradcasts that are been send out to the internet if you do not check the binding forthe modem. If you really want to make sure no bradcasts go out I would only bind the TCP protocol to the internet connection and nothing more.

Agustin M. Rodriguez, MCSE

Collapse -

Network Traffic

by milesrrs In reply to Network Traffic

The question was auto-closed by TechRepublic

Collapse -

Network Traffic

by mcmunt In reply to Network Traffic

If all the above don't find much, then you might want to install a traffic analyser like Network Monitor. At least then you'll be able to see where all that data is going to in the form of an IP address. 5MB does seem a lot though and is reason for concern

Back to Windows Forum
14 total posts (Page 1 of 2)   01 | 02   Next

Related Discussions

Related Forums