Suspicious Data Activity on Home Network

Mike

My home network consists of a Dell True Mobile 2300 router, Sygate personal
firewall v5.1, Dell 8200 W2K Pro PC and a Dell L400 notebook w/ wireless
pc card nic.

Even before configuring the notebook to the network I noticed suspicious
data traffic on the router and dsl modem, e.g., sustained data transfers
lasting several minutes at times. When I see this type of data traffic I
disconnect the cat5 cable going from the modem to the router. Sometimes
the data transfer will resume and sometimes it won't resume right away.

How can I find out what's initiating the traffic and what data is being
transferred?

Thanks,

Mike
 
Chuck

Mike,

A port monitor would be a good start. I use Port Explorer
(http://www.diamondcs.com.au/portexplorer/index.php?page=home), which
is free with basic functionality. It will help you identify
suspicious network traffic, and what processes are generating /
receiving it.

Once you have identified questionable processes, Process Explorer
(http://www.sysinternals.com/), also free, will help you find out what
you need to know.

You might be advised to check for spyware first. You'll need Spybot
S&D and HijackThis (both free) and expert help from SWI Forums. Start
with this article for advice:
http://forums.spywareinfo.com/index.php?showtopic=5187

Cheers,

Chuck
I hate spam - PLEASE get rid of the spam before emailing me!
Paranoia comes from experience - and is not necessarily a bad thing.
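An added example, not part of the original thread: the connection-to-process mapping that a port monitor performs, done by hand in Python. It assumes a Windows version whose `netstat` supports the `-o` switch and that has `tasklist`; the sample output, the addresses, the process name `updater32.exe` and the `EXPECTED` allowlist are all constructed for illustration.

```python
import csv
import io
import ipaddress

# Constructed sample of `netstat -ano` output (documentation address ranges).
NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    192.168.1.10:1043      203.0.113.25:80        ESTABLISHED     1512
  TCP    192.168.1.10:1051      198.51.100.7:6667      ESTABLISHED     2044
  TCP    192.168.1.10:1060      192.168.1.1:80         ESTABLISHED     1512
  UDP    0.0.0.0:1026           *:*                                    884
"""
# Constructed sample of `tasklist /fo csv /nh` output.
TASKLIST = '''\
"svchost.exe","884","Console","0","3,120 K"
"iexplore.exe","1512","Console","0","18,204 K"
"updater32.exe","2044","Console","0","2,716 K"
'''
# Assumption: programs the user knowingly runs and expects to talk outbound.
EXPECTED = {"iexplore.exe", "msimn.exe"}
# Home-LAN and loopback ranges; traffic to these never leaves the router.
LOCAL_NETS = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def pid_names(tasklist_csv):
    """Map PID (string) to image name from tasklist CSV output."""
    rows = csv.reader(io.StringIO(tasklist_csv))
    return {row[1]: row[0] for row in rows if len(row) >= 2}

def external_connections(netstat_text, tasklist_csv):
    """Return (process, pid, remote_ip, remote_port) for established TCP
    connections whose remote end is outside the local networks."""
    names = pid_names(tasklist_csv)
    found = []
    for line in netstat_text.splitlines():
        f = line.split()
        # Skips headers, listeners and UDP rows (which have no State column).
        if len(f) != 5 or f[0] != "TCP" or f[3] != "ESTABLISHED":
            continue
        host, _, port = f[2].rpartition(":")
        addr = ipaddress.ip_address(host.strip("[]"))
        if any(addr in net for net in LOCAL_NETS if net.version == addr.version):
            continue
        found.append((names.get(f[4], "unknown"), f[4], str(addr), int(port)))
    return found

def unexpected(conns, expected=EXPECTED):
    """Connections owned by a process that is not on the allowlist."""
    return [c for c in conns if c[0].lower() not in expected]
```

Capturing the output repeatedly while the modem light shows a sustained transfer, and feeding each capture to `unexpected()`, narrows the candidates to inspect further in a process viewer.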
 
Mike

I inoculated the pc with Spybot. NAV w/ up to date .dat files. I'll get
copies of HijackThis, Port Explorer, Process Explorer.

I upgraded to Sygate Personal Firewall v5.5. It reveals the following apps
with outgoing data:

Services and Control app
Deterministic network enhancer (I think this one is related to Verizon DSL service)
WrKPoet2000 sys (I think Verizon dsl service)
Internet Explorer
Outlook Express

Mike
 
