Unfortunately no one can be told what fun_plug is - you have to see it for yourself.
You are not logged in.
Just installked a win 7 machine on my local internet, and since that point I have massive amounts of traffic going to and from my DNS that I cannot locate.
I see between 60 and 600 KB/s going to and from my win 7 and dns machines....and this is constant. no pauses. Also when I reboot it comes back. receiving on my win7 machine is always a bit higher that the sending amount..
this is what I have
/ # netstat -tln
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:515 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:3000 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN
/ #
/ #
BWMeter found:
15-2-2009 15:59:49: HTPC:49180 -> BACKUP:139 : 116 bytes, protocol: 6
15-2-2009 15:59:49: BACKUP:139 -> HTPC:49180 : 108 bytes, protocol: 6
15-2-2009 15:59:49: HTPC:49180 -> BACKUP:139 : 187 bytes, protocol: 6
15-2-2009 15:59:49: BACKUP:139 -> HTPC:49180 : 144 bytes, protocol: 6
15-2-2009 15:59:49: HTPC:49180 -> BACKUP:139 : 187 bytes, protocol: 6
15-2-2009 15:59:49: BACKUP:139 -> HTPC:49180 : 128 bytes, protocol: 6
15-2-2009 15:59:49: HTPC:49180 -> BACKUP:139 : 187 bytes, protocol: 6
15-2-2009 15:59:49: BACKUP:139 -> HTPC:49180 : 144 bytes, protocol: 6
15-2-2009 15:59:49: HTPC:49180 -> BACKUP:139 : 119 bytes, protocol: 6
15-2-2009 15:59:49: BACKUP:139 -> HTPC:49180 : 144 bytes, protocol: 6
15-2-2009 15:59:49: HTPC:49180 -> BACKUP:139 : 119 bytes, protocol: 6
15-2-2009 15:59:49: BACKUP:139 -> HTPC:49180 : 128 bytes, protocol: 6
15-2-2009 15:59:49: HTPC:49180 -> BACKUP:139 : 119 bytes, protocol: 6
15-2-2009 15:59:49: BACKUP:139 -> HTPC:49180 : 144 bytes, protocol: 6
15-2-2009 15:59:49: HTPC:49180 -> BACKUP:139 : 119 bytes, protocol: 6
15-2-2009 15:59:49: BACKUP:139 -> HTPC:49180 : 128 bytes, protocol: 6
15-2-2009 15:59:49: HTPC:49180 -> BACKUP:139 : 128 bytes, protocol: 6
15-2-2009 15:59:49: BACKUP:139 -> HTPC:49180 : 147 bytes, protocol: 6
15-2-2009 15:59:49: HTPC:49180 -> BACKUP:139 : 116 bytes, protocol: 6
15-2-2009 15:59:49: BACKUP:139 -> HTPC:49180 : 128 bytes, protocol: 6
Any Idea what it could be?I have cheched with avg, and spybot, but both came up negative.
ANy help would be appriciated
Thanks
Patrick
Last edited by pwvandeursen (2009-02-15 17:06:15)
Offline
I'm guessing the name of your dns-323 is 'backup'. Anyway, download and run Wireshark on your Windows 7 box to capture traffic between the two. From there find out what is transferred between the two (Follow tcp stream).
Google DFS DNS-323
Google DNS-323 Samba
One last thing:
LLTD
Select enable or disable to turn LLTD on or off.
LLTD
Link Layer Topology Discovery allows the DNS-323 to be discovered by Windows Vista's network map. (Note: Enabling LLTD may cause decreased network performance. If you are experiencing decreased network performance try disabling LLTD.)
Good luck,
Michael Scott
Offline
Michael,
thanks for your reply. I downloaded wireshark and installed it. ran a capture, but am lost what to do now. Unfortunately I don't know what I am doing....
The only thing I see is the amount of bandwidth to and from the dns is increasing....
What am I looking for?
Offline
Perhaps if you don't mind, please save and attach your capture file (for about 1 minute of traffic).
Also, look at the following DFS article (though it is not Windows 7)
http://support.microsoft.com/kb/905846/en-us
Offline
here is the file attached
hope this can give some clarification
Patrick
Offline