Ubuntu Networking :: Unknown Network Traffic
Jan 16, 2011
I noticed a huge data transfer to my computer. I wasn't downloading anything big, I have just opened Firefox, Thunderbird etc. It stopped after a minute but I'd like to know, what that was - this wasn't the first time something like this happened. I promptly started Wireshark and captured a few packets, all of them look like this:
[code]...
I tried to look at [URL]... but that webpage does not work. what the traffic might be caused by? Couldn't anyone hacked my pc?
View 9 Replies
ADVERTISEMENT
Sep 4, 2009
I wanted to know if i can install mrtg on a client computer in network and measure the network's router traffic.i know that it can be installed on the server.
View 5 Replies
View Related
Jan 20, 2011
Is there an easy way to monitor network traffic? I want to make sure my kids are surfing safe...
View 5 Replies
View Related
Sep 27, 2010
what I want to achieve is just to be able to say to who ever is killing our relatively fast connect that they aren't the only person using the network. Everyone just says "I hardly download anything." which is obviously untruthful as normally I can download at 1.5 MB/s but now loading even google.com takes way too long (same with pinging and all other sites). Once I do this, I can determine whether or not I need to call my ISP and do the long 'on hold' dance and "have you tried rebooting the router" BS.
View 8 Replies
View Related
Apr 4, 2011
I am running Ubuntu 10.10, upgraded a few weeks ago from 10.04. I noted from the system monitor that the system was generating a lot of network traffic, on the order of 10Mbps if the information is correct (using system monitor and iftop). From the process table, it appears that smbd is accumulating a lot of CPU time, which sort of makes sense as I use Samba for printing from a Windows 7 laptop. But the traffic seems to be making a round trip as I just rebooted the system and it reports in about 10 minutes of uptime 1.2GB was send and 1.2GB was received. Laptop is used for work, it is sitting idle for the last 30 minutes (VPN connection, etc); no backup or other interaction with the Ubuntu system.
View 6 Replies
View Related
Jan 31, 2010
I need software that measure the QoS of network traffic , Any recommend program?
View 3 Replies
View Related
Feb 8, 2010
I am manually capturing and injecting Ethernet traffic (using lib_net/lib_pcap libraries) for an application. At the moment , both capturing and injecting are done on the same physical interface (e.g. eth0). The problem is that all the traffic that I inject, are captured again by my application causing an unwanted feedback of injected traffic. This caused that I had to implement traffic filtering when capturing traffic, which is consuming resources and eventually will become too complicated to support.
I have tried using virtual interfaces to separate the capturing and injecting streams, but that also presented the same problem as all the traffic from eth0 is forwarded to both eth0:1 and eth0:2. If possible I would like both streams to go through 1 physical device, using more PDs will be the last resort. I am also looking at using TUN/TAP devices to try and separate the two streams, maybe writing a user-space program that lies between the physical device and the TUN/TAP devices to do the routing of traffic.
View 1 Replies
View Related
Jan 31, 2010
I need software that measure the QoS of network traffic , Any recommend program??
View 1 Replies
View Related
Dec 8, 2008
Via a network traffic monitoring tool I see that my laptop is generating lots of outgoing (EDIT : incoming !!) network traffic. Although no download program is running or any other program of which I know that could be generating this much traffic. Something strange is going on and I need to know how I can find out which program( s ) are generating network traffic.
View 7 Replies
View Related
Oct 18, 2009
how to configure my network for web traffic.Here is my setup:I have the following virtual machines, (all guest are running on CentOS 5.3);
firewall: Smoothwall 3.0, (hardware, not virtual)
guest # 1: Apache http server
guest # 2: Qmail server
guest # 3: Proftp server
I want all of these services on different machines for security reasons, (mainly the ftp server) how do I route the traffic from the firewall to the different machines? I have been looking at setting up a reverse proxy, however, everything that I have read says that a reverse proxy will not handle the smtp/pop3 traffic. Can I just use a DNS server to route the traffic?
View 5 Replies
View Related
May 17, 2010
My problem is that my wireless network traffic sometimes just stop.Like when I tries to update my system, update NetBeans or just download using Uget. I have no clue on what's wrong,Here is my system info:
Laptop model:
Code:
Lenovo R500
[code]....
View 1 Replies
View Related
Jun 19, 2011
how to redirect network traffic to a new IP address using IPtables. I am using Baffalo router and the rtos used is DD-WRT. Basically, I want it so that any connection going through my router to a specific IP (say, 192.168.11.5) will be redirected to another IP (say, 192.168.11.7) so any outgoing connections made by a program that is attempting to connect to192.168.11.5 will instead connect to 192.168.11.7.
View 2 Replies
View Related
Dec 28, 2010
How could I configure Ubuntu to be setup as follows...
Wireless Client ----> Wireless Router ----> Home Server ----> Internet
What is needed to make all of the wireless traffic go to my internet connection port. I will be having two ethernet cables plugged into the system one from the wireless router and one to my internet router.
View 1 Replies
View Related
Jul 3, 2010
Does anyone know if it is possible to filter/block network traffic between internal hosts on a lan?
Eg. : Linux firewall/router ( 192.168.0.1) - LAN Default G/W - all internal > external traffic gets filtered.
How would you filter tcp/ICMP/UDP traffic from internal host a ( 192.168.0.2 ) to host b ( 192.168.0.3)
All the internal hosts have the linux f/w as the default gateway, and are all on the same /24 subnet.
I would like to know if I can filter traffic between internal hosts.
View 3 Replies
View Related
Aug 9, 2010
In my "computer room" I have an ATT U-Verse TV decoder box and my computer connected to a Netgear Switch. The third port on the switch connects to the ATT router. I've just noticed that when I power on the U-Verse TV box I start getting a lot (200-250 KiB/s) of received packets on my Debian Lenny machine as shown in the System Monitor app. I don't show any outgoing traffic in response. That explains why the lights on the switch are blinking at the same rate for both devices. So, what, if anything, is this telling me? Is this normal, or is the ATT router spamming my Linux machine for some reason? Is this a potential problem?
Added: Or is this just telling me that the NetGear FS-105 is not actually an ethernet switch?
View 4 Replies
View Related
Nov 16, 2010
I just got vpnc setup to work with my VPN at work and now I am trying to figure out how to limit the traffic that is routed through the VPN while I'm connected to it. I only want traffic going to the local domain to be routed through the VPN.This is what my vpnc config file looks like:
Code:
IPSec gateway publicdomain.example.com
IPSec ID XXXX
[code]....
View 2 Replies
View Related
Apr 21, 2010
I am sharing files between three computers: ubuntu pc , windows xp pc and windows vista pc.( using samba ) Windows xp displays ubuntu pc correctly but vista does not,ubuntu pc is displayed as unknown device.Despite of this i connect vista and ubuntu via ip. I would like see my ubuntu pc in windows vista network.
View 2 Replies
View Related
Oct 29, 2009
is there a utility with which I can get the current traffice towards a given host, for example;
command 87.255.33.32
22000
View 1 Replies
View Related
Apr 9, 2010
I need to learn how to analyze network traffic for attacks and while finding the attack seems easy in my case I need to identify what hes doing. I will be happy right now if you guys can answer my question. How to identify if an attack has brought the server down? I have packet captures of an attack in progress and I noticed that every now and then the attacker would do something weird and the server would start sending packets with just the RST packet sent in response. Normally I had been seeing the RST ACK flags set or the FIN ACK bits set to terminate a connection. So once again my question is how do I tell if the traffic indicates a server crash?
View 1 Replies
View Related
Sep 14, 2010
I am connected to a network with free traffic inside it and post-paid outer traffic. So I need a way to be able to separately monitor the download traffic from inside and outside the network. All the solutions I`ve found for now offer monitoring of ALL up/down traffic.
So, I want to get separate statistics on these:
1 — 81.89.188.0/23, 217.197.9.0/24
2. — 81.89.186.0/23
3. — 81.89.178.0/23
4. — 81.89.176.0/23
5. — 81.89.180.0/24
9. — 217.197.12.0/24
[Code]...
UPD: I`m connected to the internet through the network`s gate, so all the traffic comes through eth0. I wish to separate traffic incoming from the IPs on top from all other traffic
View 9 Replies
View Related
Apr 22, 2011
I am using Debian 5 and I have some networking experience, however I want to learn to do this the best way possible. I have a Debian box with two nics and I want to connect that to a switch and use my Debian box as a router basically, as well as having a firewall setup within that too.
Should I use iptables to set up nat or the route command or what? I just want to know the group of tools to use in order to set up my network. Network diagram: Internet <------> Debian Box <----> switch <----> hosts I found some guides but they are for linux 2.4 and i'm not sure if they are right.
View 1 Replies
View Related
Mar 14, 2010
OS : CentOS 5.3 64bit How to trace incoming and outgoing network traffic for a give user? User 'A' logs in to the system and does various network connectivity As root user need to find what are the outgoing and incoming connection that are related with user 'A'. basically need to check the connection flow. netstat will show ESTABLISHED, LISTEN etc.. need something like tcpdump
Eg:- --user option for tcpdump tcpdump -vv -nn -i eth0 host 10.200.2.1 and tcp dst port 8080 --user A Can someone tell me any tool which can do such thing? Even if it can show the process ID of the client application which is trying to establish network connectivity will do.
View 1 Replies
View Related
Sep 29, 2010
I need to set up my centOS computer as a firewall in my home network. Ive got 2 interfaces, eth0 and eth1. I want to allow and forward all traffic on eth0 and block all traffic on eth1 except ssh, ping(icmp) and DNS. How do I do this? Ive tried some editing in /etc/sysconfig/iptables but no luck.
View 1 Replies
View Related
Jul 13, 2009
I upgraded from Fedora 10 to Fedora 11 last night in response to a pop up window. When I rebooted after the upgrade my wife immediately complained about the internet not working. Actually the connection up was working but Fedora 11 upgrade had made it slow almost to a stop There are two XP machines the network behind a local D-Link wireless router with Comcast high speed internet. When I disable networking on the Fedora machine the internet connection immediately returns to normal on the other two machines. Also there is a second or two period after enabling networking for a quick upload or download before the connection clogs.I checked the system monitor network history and found that there is a constant networking send rate of just under 180 kb/s in the background.This occurs even when the browser, email client, and automatic backup are off and the only process showing significant CPU use in the system monitor is the monitor itself.
I tried netstat but there were so many /tmp/orbit entries that I could not scroll up to the top of the listing. Is this normal. If so, does anyone know the netstat command options to just see connections with sent packets. I also tried ifconfig -a. This shows no Rx packets at all, and no TX packets except on eth0, The total etho TX packets matches t,he reported by the system monitor, and in the monitor you can watch the total accumulate in approx 180 kb/sec increments. I don't understand why 180kb/sec TX would make a dramatic difference in internet network internet speed. Comcast reports upload speeds in megabytes. I need to be able to use the net in Federa, but I am also curious to learn what is the caused the problem.
View 2 Replies
View Related
Mar 15, 2011
I wanted to tell my server to block all traffic but US only traffic. So i followed this guide:[URL].. Now I know, it's the best way to help prevent hackers/crackers (doesn't matter to me what they are called. I just have to stop them). My server only deals with US clients anyways so might as well just start right there for my server's security before getting into the brute force and injection preventions. So I got it all done compiled everything moved to the proper directory. I then started to setup my iptables. Like so
Code: iptables -F INPUT
iptables -F OUTPUT
iptables -I INPUT 1 -s *.*.*.* -p tcp --dport 22 -j ACCEPT
iptables -I INPUT 2 -s *.*.*.* -p tcp -j ACCEPT
[Code]...
After seeing that i went digging in the code and figured it was something todo with memory allocation.
View 1 Replies
View Related
Sep 27, 2009
Recently I notice that when I'm connected to an vpn server (pptpd) and I'm using it as a default gateway my download and upload speed decreases almost to the half of the usual speed. I made a test using iptables in order to count how much GRE packets are generated (except the real traffic itself) in that way:
Code:
iptables -I INPUT -p gre -j ACCEPT
iptables -I OUTPUT -p gre -j ACCEPT
iptables -I FORWARD -s 172.16.10.101 -j ACCEPT
iptables -I FORWARD -d 172.16.10.101 -j ACCEPT
The first 2 rules match all GRE packets between the pptpd server and client, and the next rules - the traffic between the server and the client.
When I turn the counters to zero and begin to generate traffic (to browse, to download etc.) I see that the GRE packets are even more than these in the FORWARD chain.
So, my question is first of all is my test correct and is it true that so much gre traffic is being generated during the browsing (it becames clear that the traffic is double than if the pptpd wasn't used as a gateway) and if yes - can that traffic be reduced?
View 3 Replies
View Related
Sep 14, 2011
As too my question, at this time I dont control the router/firewall an I would like to block a port thats used for guild wars on my workstation for a while. The reason for blocking is children have abused it an lost it.In this case I am trying to block outgoing traffic on port 6112. I have tried setting up a proxy server on the workstation, but the game seems to ignore it an jump on. Due to the environment, I enabled the workstation SuSEFirewall2 firewall an tried setting up "lo" as a internal an configure the firewall as a router, then disable 0/0 an configured for 0/0,tcp,443 an re route port 80 traffic to proxy.
When I had my own internet, I had a transparent proxy enforcing rules for access times. So setting up a proxy on each machine would not be a bad thing, even if it took some creative thinking. I am trying, but seem to be missing something.Ideally, I would like to setup a transparent proxy, as my kids have learned alot about system administration an know to check the proxy module. If all they have to do is un check "Use Proxy" an by pass a local proxy server, then I am kinda defeated. An applications such as firefox have a proxy setting they could set to none instead of system
View 9 Replies
View Related
Jul 17, 2010
I want to use samba for file sharing like on a Windows home network. Actually they are all Linux machines but nfs is too complicated. On my host machine I installed samba and system-config-samba. I created a new share for /home, check marked writable and visible and put access to everybody. For preferences-->server settings--> security the "authentication mode" is set to user, encrypt passwords is no, and guest account is no guest account. Under preferences-->samba users I added myself as a user with the same windows user name as my Linux user name and the same password.
My client is a virtualbox fedora (used for testing purposes but actual clients will be real computers on my home network). I entered the address smb://192.168.1.184. When asked for the user name and password I put my regular user name and password since that was what I set in samba users. However, the password dialog keeps coming up and won't let met into my own computer. If I quit it says something like access is denied. How can I get my home network back? I liked this feature when my home computers ran XP but I switched them to Fedora 12.
View 2 Replies
View Related
Jan 31, 2010
Is there a program that monitors and displays 'who' is on your wireless Internet signal that one may not be aware of? Like, the ability to see when someone that you don't know is accessing your locked wireless?
View 9 Replies
View Related
Dec 11, 2010
I have installed conky from soft manager after knowing its power today. I'm using 10.10. I want to design a conky script which monitor the network traffic ie total upload + download on monthly basis as I'm on limited internet plan which is too common here. I have free usage from 2am to 8am in the morning and want to exclude this traffic. So I'm in search of a custom script which can accomplish this.
View 1 Replies
View Related