Suspicious Data Activity on Home Network


Mike

My home network consists of a Dell True Mobile 2300 router, Sygate personal
firewall v5.1, Dell 8200 W2K Pro PC and a Dell L400 notebook w/
wireless pc card nic.

Even before configuring the notebook to the network I noticed suspicious
data traffic on the router and dsl modem, e.g., sustained data transfers
lasting several minutes at times. When I see this type of data traffic I
disconnect the cat5 cable going from the modem to the router. Sometimes
the data transfer will resume and sometimes it won't resume right away.

How can I find out what's initiating the traffic and what data is being
transferred?

Thanks,

Mike
 

Mike,

A port monitor would be a good start. I use Port Explorer
(http://www.diamondcs.com.au/portexplorer/index.php?page=home), which
is free with basic functionality. It will help you identify
suspicious network traffic, and what processes are generating /
receiving it.

Once you have identified questionable processes, Process Explorer
(http://www.sysinternals.com/), also free, will help you find out what
you need to know.

You might be advised to check for spyware first. You'll need Spybot
S&D and HijackThis (both free) and expert help from SWI Forums. Start
with this article for advice:
http://forums.spywareinfo.com/index.php?showtopic=5187

Cheers,

Chuck
I hate spam - PLEASE get rid of the spam before emailing me!
Paranoia comes from experience - and is not necessarily a bad thing.
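
The mapping a port monitor performs (network connection to owning process), as an added example that is not part of the original thread. It parses `netstat -ano` and `tasklist /fo csv /nh` output, so it assumes a Windows version whose netstat supports `-o` and that ships tasklist; both samples, the LAN range and the function names are constructed for illustration.

```python
import csv, io, ipaddress

LAN = ipaddress.ip_network("192.168.1.0/24")  # assumed home LAN range

# Constructed sample of `netstat -ano` output (not from the thread).
NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    192.168.1.10:1045      203.0.113.7:80         ESTABLISHED     1432
  TCP    192.168.1.10:1046      192.168.1.1:80         ESTABLISHED     1432
  TCP    192.168.1.10:1102      198.51.100.23:6667     ESTABLISHED     2210
  TCP    127.0.0.1:1050         127.0.0.1:1051         ESTABLISHED     1600
  UDP    0.0.0.0:500            *:*                                    696
"""
# Constructed sample of `tasklist /fo csv /nh` output.
TASKLIST = '''"svchost.exe","884","Console","0","3,120 K"
"iexplore.exe","1432","Console","0","21,044 K"
"msimn.exe","1600","Console","0","9,812 K"
'''

def load_processes(text):
    """Map PID -> image name from tasklist CSV output."""
    rows = csv.reader(io.StringIO(text))
    return {int(r[1]): r[0] for r in rows if len(r) >= 2}

def external_connections(netstat_text, tasklist_text):
    """Return (image, pid, remote_ip, remote_port) for established TCP
    connections whose remote end is outside the LAN and not loopback."""
    procs = load_processes(tasklist_text)
    found = []
    for line in netstat_text.splitlines():
        f = line.split()
        # UDP rows have no State column, so they have only four fields.
        if len(f) != 5 or f[0] != "TCP" or f[3] != "ESTABLISHED":
            continue
        host, _, port = f[2].rpartition(":")
        ip = ipaddress.ip_address(host.strip("[]"))  # IPv6 is shown in brackets
        if ip in LAN or ip.is_loopback:
            continue
        pid = int(f[4])
        # A PID that tasklist does not list is itself worth a closer look.
        found.append((procs.get(pid, "<unknown>"), pid, str(ip), int(port)))
    return found

if __name__ == "__main__":
    for image, pid, ip, port in external_connections(NETSTAT, TASKLIST):
        print(f"{image:<14} pid={pid:<5} -> {ip}:{port}")
```

Taking both snapshots while a sustained transfer is in progress is what makes the result useful; the PID can then be examined in Process Explorer.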
 
I inoculated the PC with Spybot. NAV w/ up-to-date .dat files. I'll get
copies of HijackThis, Port Explorer, Process Explorer.

I upgraded to Sygate Personal Firewall v5.5. It reveals the following apps
with outgoing data:

Services and Control app
Deterministic network enhancer (I think this one is related to Verizon DSL service)
WrKPoet2000 sys (I think Verizon dsl service)
Internet Explorer
Outlook Express

Mike
 