Unoffical empeg BBS

Quick Links: Empeg FAQ | RioCar.Org | Hijack | BigDisk Builder | jEmplode | emphatic
Repairs: Repairs

Topic Options
#148636 - 14/03/2003 13:36 what is causing all this traffic on my home lan?
puckalicious
member

Registered: 18/01/2002
Posts: 171
I'm using w2k pro, and I have noticed recently alot of activity in the form of sent/received packets in the network connection status window. I'm running a home lan with a broadband wireless router. I have 2 computers hard wired to the router and I have the wireless part set to only accept connections from approved mac addresses (none).

Since I'm fairly confident nobody is wirelessly hacking into my lan, maybe some background process is creating the network traffic. Even when no programs are open on either computer I'm seeing about 1 packet sent per second and slightly less for packets received.

1. Is there a way to find out what (if any) programs/processes are sending/receiving network traffic? Any freeware or windows utils?

2. Is this possibly normal network traffic being created by the broadband router? (never really checked before now)

Any suggestions?

Top
#148637 - 14/03/2003 13:39 Re: what is causing all this traffic on my home lan? [Re: puckalicious]
tonyc
carpal tunnel

Registered: 27/06/1999
Posts: 7058
Loc: Pittsburgh, PA
Drop to a DOS window and type "netstat" which will show you all open connections. Won't tell you which *programs* are doing it, but the ports being used might give you a clue.

Don't have Internet Information Server installed, do you? If you do, Port 80 isn't open on your firewall, is it?
_________________________
- Tony C
my empeg stuff

Top
#148638 - 14/03/2003 15:01 Re: what is causing all this traffic on my home lan? [Re: puckalicious]
andy
carpal tunnel

Registered: 10/06/1999
Posts: 5916
Loc: Wivenhoe, Essex, UK
Download a copy of Ethereal from www.ethereal.com and run a packet trace to see what the traffic is. If you don't know how to interpret the packet trace then save it and send it to me (email in my profile). Probably best not to upload the packet trace here, could have password and other sensitive data in it.
_________________________
Remind me to change my signature to something more interesting someday

Top
#148639 - 15/03/2003 12:16 Re: what is causing all this traffic on my home lan? [Re: andy]
image
old hand

Registered: 28/04/2002
Posts: 770
Loc: Los Angeles, CA
theres also a handy little program called ItCan. i use that exclusively to monitor the amount of bandwidth each connection is using.

Top
#148640 - 15/03/2003 15:06 Re: what is causing all this traffic on my home lan? [Re: andy]
puckalicious
member

Registered: 18/01/2002
Posts: 171
Well I downloaded TCPView from another suggestion and checked out what's going on. I guess it's normal traffic? Here are the processes that came up:

ALERTSVC.EXE
LSASS.EXE
mstask.exe
POPROXY.EXE
svchost.exe
System

The last one is the only thing that confuses me because it showed up 3 times for TCP and 3 for UDP with local addresses like "microsoft-ds" and "netbios-ssn", "netbios-ns", and "netbios-dgm". Could this have something to do with Windows Update? I have it set to automatically check for new windows patches.

Top
#148641 - 15/03/2003 17:38 Re: what is causing all this traffic on my home lan? [Re: puckalicious]
mcomb
pooh-bah

Registered: 31/08/1999
Posts: 1649
Loc: San Carlos, CA
The last one is the only thing that confuses me because it showed up 3 times for TCP and 3 for UDP with local addresses like "microsoft-ds" and "netbios-ssn", "netbios-ns", and "netbios-dgm".

Don't worry, that is just microsoft sending your credit card numbers, bank statements, and mothers maiden name back to their central servers. Nothing to worry about of course.

;-)
_________________________
EmpMenuX - ext3 filesystem - Empeg iTunes integration

Top
#148642 - 15/03/2003 18:35 Re: what is causing all this traffic on my home lan? [Re: puckalicious]
JrFaust
member

Registered: 07/02/2002
Posts: 193
Loc: New Richmond, WI
Umm if you have all the lastest Micro$oft updates or at least IE6sp1 I believe the system checks back at Micro$oft.com for system updates. There is a way to shut that down I know it's under System Properties then Automatic Updates tab in Win XP but I can't remember if W2K gets that same tab or not.
_________________________
Drive fast, Play it loud!!!
20GB Original Blue Lens MKIIa Rio SN 030102760, Blue Buttons.
20GB Original Green Lens MKIIa Rio SN 040103268 Grey Buttons.

Top