View unanswered posts    View active topics

All times are UTC - 6 hours





Post new topic Reply to topic  [ 3 posts ] 
Print view Previous topic   Next topic  
Author Message
Search for:
PostPosted: Sat Jul 11, 2009 1:42 pm 
Offline
Joined: Tue Mar 28, 2006 8:26 pm
Posts: 804
Location: Minneapolis, MN
On Wednesday night 7-8-09, there was an increase in network activity on my main R5.5 KM box.

By coincidence, that was the same night I was loading up R5.5 on a test computer in another part of the house (different IP address, but connected to the same network). I don't think putting a 2nd R5.5 box on the same network would cause this, but just in case, I'm noting it.

Note the graph of network activity.
Image

You can see that an increased amount of traffic started on Wednesday night. I have tried to narrow down the nature of the traffic:

Thus far, I have:
1. rebooted the KM machine to see if the network traffic would go back down - it did not. (time noted in picture)
2. I turned off the Internet modem to stop all traffic between my in-house network and the Internet. (time noted in picture)
3. After turning the Internet modem back on, and seeing no decrease in network activity, I turned off the port forwarding in my Internet router, so the KM box cannot be accessed from outside my in-house network - no change in network activity.
4. looked in the /var/log/auth.log for evidence that I am getting attacked via SSH logins - no evidence of external SSH attacks

From the evidence thus, far, I believe that the KM box is generating the increase in network traffic, rather than responding to any external attacks or external access.

How can I tell what program or service is causing the network activity?

_________________
KnoppMyth R5.5, Asus A8N-VM CSM (nvidia 6150 onboard video), AMD Athlon 64 dual-core 4200+, two 1GB sticks DDR 400, HD-3000 HDTV card, PVR-150 card, Iguanaworks RS-232 IR receiver/transmitter, Pioneer DVR-110 DVD burner


Last edited by neutron68 on Mon Jul 13, 2009 4:25 pm, edited 2 times in total.


Top
 Profile  
 
PostPosted: Sat Jul 11, 2009 2:49 pm 
Offline
Joined: Tue Mar 28, 2006 8:26 pm
Posts: 804
Location: Minneapolis, MN
I think I just solved it. I went into the Mythweather settings and UNchecked the box that says "Retrieve Data In The Background". The network activity went back down to normal.

On Wednesday night, I had checked that box to see if it made weather data load quicker. Apparently it goes out and gathers weather data 24/7 if you have the box checked!

Good to know...

(Revised to fix spelling error)

_________________
KnoppMyth R5.5, Asus A8N-VM CSM (nvidia 6150 onboard video), AMD Athlon 64 dual-core 4200+, two 1GB sticks DDR 400, HD-3000 HDTV card, PVR-150 card, Iguanaworks RS-232 IR receiver/transmitter, Pioneer DVR-110 DVD burner


Last edited by neutron68 on Sat Jul 11, 2009 10:40 pm, edited 1 time in total.


Top
 Profile  
 
 Post subject:
PostPosted: Sat Jul 11, 2009 7:16 pm 
Offline
Joined: Wed Mar 07, 2007 9:51 am
Posts: 173
Location: Uniontown, PA
A quick command for anyone else in a similar situation of heavy network traffic:

Open a command shell and issue:
Code:
netstat
This shows you all of the inbound and outbound network connections.

Also use:
Code:
netstat -l
to see what ports your system is LISTENING to to see if there's anything to respond to. You should see the basic ports for SSH and HTTP, along with the MythTv ports.


Top
 Profile  
 

Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 3 posts ] 


All times are UTC - 6 hours




Who is online

Users browsing this forum: No registered users and 18 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group

Theme Created By ceyhansuyu