Encrypted traffic

Q: Encrypted traffic

How does ATA deal with packet inspection of encrypted traffic?

Thanks

Read other answers
RELEVANCY SCORE 63.2

Hi everyone!!!

I've been tasked with running Message Analyzer to determine if data is encrypted from an endpoint. We are using MBAM and want to ensure that any data sent to the MBAM application server is encrypted. Now, we know it is via https, but we still need to verify this (for audit purposes).

Can anyone provide some insight as to how I could use Microsoft Message Analyzer (or perhaps something better)?

We are planning to run a capture for 24 hours. We also want to ensure data is encrypted from app server to sql server. 



Thanks all! 

Read other answers
RELEVANCY SCORE 62.4

Sorry for the inconvenience, about 3 days to the date this message is appearing to me, usually when visiting Microsoft sites.



This happens to me both with version 10 of ESS and Kaspersky. But it does not happen with other antivirus and version 8 of ESET Smart.

It happens in Chrome and occasionally with Internet explorer 9.

Please, I am very worried about this behavior, which had never been presented to me before.

Read other answers
RELEVANCY SCORE 43.6

I keep getting this alert despite the amount of resources that I add to my Gateway.
Our DC and Gateway are running virtually in VMware. Distributed Virtual Switches are not an option so I have to resort to configuring a Promiscuous Port Group.
I configured a Promiscuous Port Group on the same Virtual Switch that the DC (and the rest of our servers) is connected to, and assigned it the same VLAN ID as the DC.
ATA is capturing and reporting traffic but I continually receive an alert that some network traffic is not being analyzed. I have thrown double the resources at our Gateways than what the sizing tool identified, and still receive this alert. At this point I have 24GB of RAM and 10 Cores allocated to my Gateway, which is only capturing and reporting on 1 DC. At this point I am about ready to scrap ATA because of how resource intense it is.
Any ideas or suggestions? Does it sound like I have the Promiscuous Port Group configured correctly, or is it possible that I am capturing ALL traffic for the VLAN assigned?

Read other answers
RELEVANCY SCORE 42.8

Is there a good network traffic/broadband monitor that actually keeps track of ALL (really ALL) traffic in a network?
I have used quite a few (eg, Ethereal, ntop, network probe) but all of them kinda keep track of only traffic that is coming in and out of the PC they are run from.

I need one that really tracks every single transaction that goes on in the network, including PCs talking to PCs, PCs talking to servers, servers talking to PCs, PCs talking to printers, etc.

Would help a great deal if they are FREE too!

Anyone know of any good ones?
 

A:Network traffic/bandwidth monitor that tracks GLOBAL network traffic

Hi.

You may find something here...

http://www.freewarehome.com/Internet/Networking/Network_Monitoring_t.html
 

Read other 2 answers
RELEVANCY SCORE 41.2

Hello everyone here,
It seems like I am an idiot; it seems funny, it's like locking the door and then throwing the key to that room.
I was wondering how I can open the certificate.ptx file if it's already encrypted. I suddenly found a video on YouTube about an encryption thing that can be done by CMD. I had no idea what it was about, I just tried and followed it. I didn't really know that all the files saved on my desktop were being encrypted automatically. I saw Windows asked to save the certificate, then I saved it on my desktop. Later on my PC had an error, so I moved all my files on the desktop to an external drive and did a complete reset with the Windows reset tool. And I've just noticed I can open all my files which I backed up :/
Please, if somebody has a solution, please let me know. Now I'm stuck with all my files, like 120Gb :/
Regards,
Sela

Read other answers
RELEVANCY SCORE 39.2

I know I have been hit by CryptoWall. I do however seem to see something that I have heard shouldn't be the case. I am hoping that this is a good sign. I have files that are duplicated but it seems that the original file is still there. ex.
 
Kidz Club.jpg   
 
AND
 
Kidz Club.jpg.5aa
 
Problem remains the same: both files are encrypted. Didn't know if this has been reflected in other forums and is something that is recoverable.
 
A response would be appreciated
 
Thanks for all you guys do.

A:Files encrypted but both regular and encrypted files remain.

A repository of all current knowledge regarding CryptoWall is provided by Grinler (aka Lawrence Abrams), in this tutorial: CryptoWall and DECRYPT_INSTRUCTION Ransomware Information Guide and FAQ

Reading that Guide will help you understand what CryptoDefense does and provide information for how to deal with it and possibly decrypt/recover your files. At this time there is no fix tool for CryptoWall.

There is also a lengthy ongoing discussion in this topic: CryptoWall - new variant of CryptoDefense. Rather than have everyone start individual topics, it would be best (and more manageable for staff) if you posted any questions, comments or requests for assistance in that topic discussion.

...from the above topic.

CryptoWall victims,
If you are thinking about paying the ransom, have decided to pay, or want to help test a few things for me, Please email me at [email protected] or PM me first.
There may be other options for you, or can receive assistance with the infection.
Nathan (DecrypterFixer), Security Colleague Post #273

Thanks
The BC Staff

Note: Although this infection has numerous similarities to CryptoLocker and CryptorBit, there is no evidence that they are related other than that they do the same thing.

Read other 1 answers
RELEVANCY SCORE 32.8

how can you tell if a web site has high volume, by looking at it?
 

A:web traffic

Read other 12 answers
RELEVANCY SCORE 32.8

hi,

Lately, at around 1 PM my time, the traffic of my connection is always 48 KB/s (I have a 384 kbps internet connection); I see that is the maximum speed I get. But the problem is every time I browse, it's so slow.

My download speed from JDownloader has also drastically decreased from a maximum of 48 KB/s to 5 KB/s max, so I guess something is using my bandwidth!

Maybe it's a trojan, and how to monitor which site or program uses it with a nice interface (I can't read machine language)?
Thank you

A:how to know how much traffic is used by which

Some firewalls will log traffic. Do you have antivirus and a firewall you use?

Read other 6 answers
RELEVANCY SCORE 32.8

How can I encrypt outgoing internet traffic or IMs? Anyone? Thanks in advance........ UGW!
 

A:Traffic?

Hiya

Just going through the old posts.

When you say Outgoing Internet Traffic, are you meaning emails etc? If so, one of the best out there is PGP.
http://www.pgp.com

Also, have a look at this: http://www.cert.org/encyc_article/tocencyc.html

What are IM's?

Regards

eddie
 

Read other 1 answers
RELEVANCY SCORE 32.8

I can log onto the internet ok, but after that the problem begins. It's sort of hard to explain but here goes -- When I click on my Outlook Express to bring up my email, OR click on a web page, the two-screen icon on the task bar SOMETIMES doesn't start flashing for an extended amount of time (it varies). I don't know if it's the ISP, my phone connection, the software or the PC. Where should I start to fix this?

A:in & out traffic

Can you access your email or go to any websites when that happens? When it's not flashing, what it usually means is that there is no data coming in or going out.

Read other 6 answers
RELEVANCY SCORE 32.8

My company uses IBM Lotus Notes for email, but because I would never wish that program on my worst enemy, I am using Microsoft Outlook with the Lotus DAMO software. For the first few months it had been working great and then I began experiencing a warning message claiming that Outlook could not find a connection to the server, but would resume syncing once the connection was established. This connection process has gotten progressively worse and takes anywhere from 30 minutes to several hours before Outlook is able to establish a connection. Out of curiosity, I began watching network traffic to see if there was anything I could detect. Sifting through the traffic, I discovered TCP incoming/outgoing traffic to 195.22.26.248. I did some research and found that this IP has been associated with malware and that the resolve host is Anubis Networks located in Portugal. The traffic seemed to be generated at the same time I would push the Send/Receive button in Outlook. I have added firewall rules to block any incoming/outgoing traffic from 195.22.26.248. I've loaded MBAM and completed scans with no results, I have loaded Hijack This and did not see anything unusual; I've run a few different rootkit scanners that came up empty as well.
 
I apologize for the long description. What can I do to determine if this is indeed something to be worried about. Thank you.

Read other answers
RELEVANCY SCORE 32.8

Is there any way I can look to see what is being accessed from my computer while I'm online?

I have a lot of intellectual property and business things on my HD that I would not be cool with others seeing.

I have TrueCrypt but am still not sure how to lock some of those individual files down.

Any help is appreciated, thank you in advance.

A:Traffic ?s

Hey guys, I know you're all volunteers but I don't even know if anyone has looked at my questions yet. Someone please let me know if it is a dead end for me or if I should just use the part of the forum to see if anything is on my computer that could have compromised it.

Read other 3 answers
RELEVANCY SCORE 32.8

Hi guys.........nice site......pleased I found you.....

desktop pc on XP Pro sp2
laptop on XP home
Both connected to internet via wireless router.
Both set up using network connection wizard
Both have SFS set to enabled
router security disabled

The problem I have is this......

Both pc's connect to the web no problem....
My network places on the desktop shows all shared files on desktop and laptop
and I can access all the files in that direction
My network places on the laptop shows only the shared files on the laptop, and none on the desktop.

(working on the laptop)
When I click 'view workgroup computers' both the computers are there.....
but when I try to open the desktop, it gives me the 'cannot access etc'...
'may not have permission etc'...........

I have just read every post in this thread and tried everything mentioned, with no joy...

the router is on 192.168.2.1
the desktop is on 192.168.2
the laptop is on 192.168.2.5
windows firewall disabled
zone alarm set with permissions for above IP's and also tried whilst switched off.
even tried changing the 'restrictanonymous' value to zero in the registry....
nothing seems to change it.

I don't know what else to try.....It will no doubt be something too simple that I've overlooked
Or it might be that I killed a robin when I was five or something.....

Any help really appreciated.....

...........frostyboy...........
 

A:one way traffic

Read other 12 answers
RELEVANCY SCORE 32.8

Can you help me please? My pc seems to be infected with the "bigtraffic" bug. My log file is as follows: ... Read more

A:Big Traffic Bug

Hello Mikew and welcome to the BC HijackThis forum. After reviewing your log I see a few items that require our attention. Please print these directions and then proceed with the following steps in order.

Step #1
Download CCleaner and install it but do not run it yet.

Step #2
Start in Safe Mode Using the F8 method:
Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until the boot menu appears.
Use the arrow keys to select the Safe Mode menu item.
Press the Enter key.

Step #3
Start HijackThis and click the Scan button to perform a scan. Look for the following items and click in the checkbox in front of each item to select it:
R3 - Default URLSearchHook is missing
F3 - REG:win.ini: run=C:\WINNT\system32\svhost.exe
O2 - BHO: CDownCom Class - {031B6D43-CBC4-46A5-8E46-CF8B407C1A33} - C:\WINNT\DOWNLO~1\ipreg32.dll
O2 - BHO: ts - {4006DCA3-433D-4FC8-AC36-42DA7797DCB7} - C:\WINNT\system32\bho.dll
O2 - BHO: ohb - {9ADE0443-2AB2-4B23-A3F8-AC520773DE12} - C:\WINNT\system32\nsl33.dll
O2 - BHO: (no name) - {A9AEE0DD-89E1-40EE-8749-A18650CC2175} - (no file)
O4 - HKLM\..\Run: [System backup] C:\WINNT\system32\soft.exe
O15 - Trusted Zone: *.addictivetechnologies.com
O15 - Trusted Zone: *.awmdabest.com
O15 - Trusted Zone: *.c4tdownload.com
O15 - Trusted Zone: *.crazywinnings.com
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.megapornix.com
O15 - Trusted Zone: *.overpro.com
O15 - Trusted ... Read more

Read other 1 answers
RELEVANCY SCORE 32.8

Our SIEM and MSSP are lighting up with firewall traffic drop alerts due to LWGWs on DCs in domain A trying to resolve machines in domain B via TCP 135. Is the recommended method of dealing with this issue to use the DC's windows firewall to block the traffic outbound per the below linked thread?
https://social.technet.microsoft.com/Forums/en-US/d87b13a6-c3fb-41d8-bae0-f743bb0285ee/ata-gateway-server-hitting-servers-over-port-135

Read other answers
RELEVANCY SCORE 32.4

I have been having ping trouble for months in the late afternoons into the evenings with my cable internet connection with no router. My pings are perfect around midnight through the morning so I assume my trouble is due to local traffic. Will upgrading my internet speed help the problem? Can I change providers to completely fix the problem or will it be the same no matter who the provider is? Is there anything I can do? The techs for my ISP don't seem to be very bright.

I'm in Columbus Georgia using Knology internet service
Windows XP
 

A:Question about traffic lag

Ask your ISP if it would be possible to move you elsewhere on their server.
 

Read other 1 answers
RELEVANCY SCORE 32.4

Hi. I recently received a message from a posting board/ bulletin board type site and there was a link with the message. I did not click the link, but I did copy and paste it into the url box and then I went to that page. If the link in the very suspicious message was linked with an auto-execute RAT and I cut and pasted it, if it had been created by an expert at sending RAT links, could it have infected my computer? I've noticed suspicious behavior on my computer like tabs closing without me closing them, the computer slower....

My main question here is.... I have read in the past that the best way to tell if someone is on your computer is to monitor traffic. Can you tell me how to do that? If someone is on my computer, then they are reading this message. If I were to try to monitor traffic, could they just 'log-off' or something when I started to monitor it and then get back on later/ tomorrow thereby the traffic being monitored would not see them?

Please help!
Thx
 

Read other answers
RELEVANCY SCORE 32.4

What is a fair way of counting Web traffic? Especially in relation say, to newspaper circulation?

I've heard one blogger say that his blog is equivalent to the 5th largest newspaper in the U.S.

But, can you count every "hit"?

Tom Tomorrow, of "This Modern World" blog wrote:

"If Blog X, with comments, has 50,000 readers a day, does it really have 50,000 unique readers a day, or 25,000 readers checking in twice a day? Or 5,000 readers checking in ten times a day to see what’s being said in the comments section? (Or one really obsessive reader checking in 50,000 times a day?) A blogger with much higher traffic than mine once admitted to me, somewhat furtively, that any visitor who waits at least an hour between visits counts as a new unique visitor."

Also, what Tom Tomorrow didn't say is that you may have false hits...
That is, someone "googles" the words "world of tomorrow" trying to get a site that predicts the future and mistakenly gets Tom Tomorrow's political site -- then the guy immediately leaves the site...but he's been counted!

It's equivalent to someone who passes by on the street and glances for a second at a copy of the Washington Post in the newsstand before walking on. Should the glancer be counted as a reader? But that's how the bloggers count their readership.

So, my question is: what is a fair way to count blog traffic (to compare it to newspaper circulation)? IS there an... Read more

A:How 2 Count Web Traffic?

a quick googlerization found this
http://www.statcounter.com/
 

Read other 2 answers
RELEVANCY SCORE 32.4

Can someone tell me if there is internet traffic even when Internet Explorer is not enabled? My modem indicates that there is and the Local Area Connection also indicates activity. If there is traffic, what is doing it and how do I stop it?
 

A:Internet traffic

Yes it is possible. What other programs do you have open and what kind of tasks do you have running in the background?

An e-mail program may be checking for new messages every so often.

Some programs have separate update checkers that run in the background even if the main program is not running.

A hacker on the Internet may be trying to hack into your computer.

You may have a virus that is trying to send itself to everyone in your e-mail address book. A different type of virus may be sending your credit card and other personal information to the Russian Mafia.

You may want to investigate a software firewall for your computer. Some if not all can be set up to warn you whenever any program tries to access the Internet or if someone is trying to access your computer from the Internet. Some also have a "STOP" button that instantly stops all traffic when clicked. A software firewall is not 100% secure. A software virus may be able to get around it.
 

Read other 2 answers
RELEVANCY SCORE 32.4

Group:
 
Within the last several days I have not been able to reach several links and the attempts seem to end up at: traffic.outbrain.com and then do nothing. Is there some kind of virus, malware or something that may be trying to redirect the link to somewhere else?
 
Appreciate any suggestions or comments

A:traffic.outbrain.com

Hello sailor, it's possible you have a browser hijack.
 
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
 
Download TDSSKiller and save it to your desktop.
Extract (unzip) its contents to your desktop.
Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
.
.
.
Please download Malwarebytes Anti-Malware and save it to your desktop. Important!! When you save the mbam-set... Read more

Read other 7 answers
RELEVANCY SCORE 32.4

Help me if you can. After receiving the email attached below I ran full scans with MS Security Essentials as well as Malwarebytes anti malware without finding anything, yet according to the email I have a zeroaccess infection. Is this a false positive identified by AT&T or do I have something hidden on my PC?

(EMAIL I RECEIVED)
***********************************************************
For the fastest response, please ensure that you retain the subject line, and direct all replies to this warning letter to [email protected]
***********************************************************
IMPORTANT COMPUTER SAFETY NOTICE from AT&T Internet Services Security Center - "Bot Traffic Detected"

******* *****,

AT&T has received information which indicates that a device accessing the Internet via your Internet connection is infected with malicious software. Our investigation shows the following IP was assigned to you at the indicated time and was being used to provide DNS services to a zombie computer network, also known as a Botnet.

At Fri, 25 Oct 2013 00:02:16 +0000, your IP address was: **.***.**.**
Type of infection (if known): ZeroAccess
Source Port: 49156
Destination Port: 16470
Destination IP: 70.xx.xx.19

Botnets are networks of compromised computers under the control of a hacker or group of hackers. Botnets are often used to conduct various attacks ranging from denial of service attacks on websites, to spamming, click fraud, and distribution of malicious software.

To address... Read more

A:Bot Traffic Detected

No worry, do you get on chats? That can false positive.

Read other 6 answers
RELEVANCY SCORE 32.4

Information Security is telling me my machine is attempting connections to nubpub.com (malicious domain).  I can't trace it to any specific application.  Chrome/Firefox add-in?
 
 
 

A:IP Traffic to pubnub.com

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
***************************************************
In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.
CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/556668 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************
If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

Read other 2 answers
RELEVANCY SCORE 32.4

Hello,
Last week I had an adware.adtomi virus on my computer and I installed cwshredder, spybot search and destroy, ad-aware 6.0 on my computer and then I lost access to this site rpf.prop-planet.com

I think maybe I checked a wrong box when I installed some software and I need to configure my computer to allow traffic to 66.227.56.249 (rpf.prop-planet.com). The programs I recently put on my computer are cwshredder, spybot search and destroy, ad-aware 6.0. Could any of these be blocking my access to 66.227.56.249?
Thanks
 

A:Configure to allow traffic

Can't see how you'd get blocked from one particular site. What happens when you try to go to that url? Are your cookies enabled (the url says they must be)? If I go to the IP, all I get is one graphic page, with apparently no links into the site.
 

Read other 3 answers
RELEVANCY SCORE 32.4

Why do I see my laptop sending and receiving data when I am not surfing and how can I find out what and who it is sending and receiving the data?
 

A:internet traffic?

Using the command prompt you can do what is called a netstat, it will show all communications on the network, and what program is associated with them.

The command would be the following, be sure to include the 4 spaces in the command.
This is a snapshot of current activity, use F3 and enter to run it again.

netstat -a -b -n -o

.
 

Read other 3 answers
RELEVANCY SCORE 32.4

Hi all.

If I'm in the wrong forum please tell me where I should be.

Can anyone recommend any sort of a program that will monitor traffic in and out of a PC and display if some sort of a spam bot is active?

I don't mean anti-virus or anti-spyware software, but rather a program that will look for the illegal traffic itself.

My Google searches suggest that some sort of a "network packet monitor" might do the job, but would it work for a broadband connected stand-alone PC (no network)?

How easy is it to read the output from a packet monitor (if that's what should be used)?

I run a struggling one-woman home business and cost is important.

Any suggestions most welcome.

TIA
- Rosie
 

A:How to spot bot traffic?

Here's a list of them

http://netsecurity.about.com/cs/hackertools/a/aafreepacsniff.htm
 

Read other 2 answers
RELEVANCY SCORE 32.4

I'm running Sunbelt VIPRE and Firewall. I notice, late at night, from my modem diodes, that my computer is either sending or receiving large amounts of data. Scans (including rootkits) claim that I am clean. How can I identify what software or source is producing this traffic?
 

A:Traffic Identification

Read other 6 answers
RELEVANCY SCORE 32.4

Hello,

I have a LAN of about 10 computers and we connect to the internet via a switch. I want software to monitor which computer consumes internet speed.

A:Network traffic

Would resmon not do the trick?

Read other 1 answers
RELEVANCY SCORE 32.4

Does anybody know of any good programs I could use to interpret my log files on my web server? I am currently using Wuasage, but it's poo. I must be doing something wrong.
 

Read other answers
RELEVANCY SCORE 32.4

Hi there,
I run a server which runs an internet radio station, and some games servers etc., so it's obviously not the most secure.
It also runs a domain network, with CAT5 and VPN connected clients!

Yesterday, it stopped assigning IP addresses, and the Remote Desktop software I was using to access it stopped working as well.

I thought maybe overnight the problem might mysteriously disappear as it came. But it got worse; this morning it was being a bit temperamental, and I had resorted to manually assigning IPs on the computers I needed connected.

Now the server does not seem to be accepting any incoming connections besides terminal services.
There is no DHCP, no shares, no internet, no nothing besides terminal services (which runs very slowly).
I have scanned with avast and Lavasoft anti spyware; they both found and removed a few minor things, and still the problem moves on.
Hardware and firewall wise, I have recently put Comodo firewall on some of the client PCs, and instantly took it off my main PC yesterday. The server has nothing, besides the firewall within the router.
Besides the Comodo firewall, nothing has really changed much deliberately.
I have just restarted everything on the network, and the same problem arises, and I have ironed out the fault being the router, as I have now configured this computer's IP to work straight off the router (hence how I am on the internet now).
I urgently need to sort this problem as obviously I have clients unable to access it... Read more

A:No traffic!!? - Emergency..please help!!

Read other 16 answers
RELEVANCY SCORE 32.4

I use NetMeter to monitor in and outbound traffic to my computer, and starting a couple of months ago, every once in a while, a series of a thousand or so 2.25 to 3Mb/s upload spikes start, amounting to almost 1Gb per day!!!!!

The spikes occur every 20 seconds, like clockwork.

I'll post a screenshot from NetMeter next time it happens.

The odd thing is, no antivirus I've tried has found anything! Same goes for antispyware!

Whenever I start deleting processes from the process list, it stops, then comes back after a couple of minutes! Also, if I am running on wifi, plug in my network cable, wait for it to connect, and disable wifi, the pulses subside for a bit, then come back!

I'm concerned because of the incredible amount of data involved, and it seems to have been increasing over the past month.

Luckily, all the important data on my machine is encrypted, but, if the spikes are a data transfer, encryption won't mean $#!7.

Any ideas?
Screenshot coming soon.
 

A:Odd network traffic

Read other 8 answers
RELEVANCY SCORE 32.4

I am helping a friend with his website and I was wondering if anyone had any good recommendations for promoting that site. I have already added some meta tags and submitted it to search engines but, the site isn't showing up very high up the ranks, if it shows up at all. I need to figure out a way to help him get this site some exposure. Any suggestions would be appreciated. Thanks.
 

A:Web site traffic

You might find this link useful
http://selfpromotion.com/

 

RELEVANCY SCORE 32.4

Does anyone know how to fully remove Traffic Syndicate/Hu? McAfee finds it on every scan, but can't fully remove it.

Thanks
djpete665

A:Traffic Syndicate/Hu

If it's a toolbar installed...remove the toolbar, using Add/Remove Programs.

Appears to be adware, should be able to be removed by SUPERAntiSpyware and/or Malwarebytes.

Louis

RELEVANCY SCORE 32.4

Ever since implementing ATA, we have been generating alerts from our firewall for blocked traffic on port 135. The traffic is only into one of our environments. Does anyone know what ATA is doing on port 135?

RELEVANCY SCORE 32.4

Hello, all!

Trying to fix my wife's computer (Toshiba Ultrabook, purchased 08/2013, W8 as a standalone workstation) - I haven't been on it ever before; not very W8 fluent.

Symptoms:

Can't load anything in IE or Firefox, including local router web interface
Can't RDC or FTP
CAN ping websites

On login, balloon appears:
Failed to connect to windows service; Windows couldn't connect to the Windows All-User Install Agent service
Service isn't running, but starts on my command without issue. It's set for Automatic startup. Starting service does not resolve any issues.

Ran SFC... From cbs log:
DIRSD OWNER WARNING - about 600 instances, mostly in C:\windows
"Ignoring duplicate ownership for directory..." another 600 instances

My wife's account is an Admin account. While in her account, I created a new user account, also admin. This new account has the same issues as my wife's.

I don't know of any other problems with this computer.

Starting to run out of ideas, any suggestions would be greatly appreciated. Thanks!

As another bit of info, this weekend my wife used an older WD external USB HD for the first time. She didn't experience any difficulties, except the "safely remove device" attempt was never successful. Not sure if this is correlation or coincidence.

A:No internet traffic (mostly)

Hello, did this problem start right after installing or updating an antivirus program?
Let's see if it's a browser or a network problem.
Install another browser, either from download if you can or bring it from another PC via USB stick.
Are you wireless or wired?

RELEVANCY SCORE 32.4

Dear All,

I want to monitor my network traffic. Which tool will I have to use for that, and how do I monitor network traffic? Please help me, everyone, because this is a very important question which I will have to face in an interview.

Thanks in advance
 

A:Network Traffic

http://www.wireshark.org/
 

RELEVANCY SCORE 32.4

I need uTorrent to use my VPN (StrongVPN.com) and all other traffic to NOT use it. Also, I need to make sure that in the case that my VPN becomes disconnected, that uTorrent NEVER connects directly to my ISP.

I have tried searching Google and a few sites offer suggestions, but no solid solution is out there.


Thanks,

davidbrookstone

A:How to set Utorrent to use VPN, all other traffic not through it

TSF Rules prohibit help with P2P apps.

Thread Closed.

RELEVANCY SCORE 32.4

Hi,

I have a 2008 R2 server running 2 websites, 1 LAN card with 2 different IPs. I need to monitor each IP to find out if one is creating a bottleneck for the other.

E.g.
Web1: mywebsite.com
IP1: 192.168.1.100

Web2: yourwebsite.com
IP2: 192.168.1.101
I need to monitor 192.168.1.101 & 192.168.1.100 so I can find out if one is using more bandwidth than the other.
 

A:Need a Traffic Monitor

RELEVANCY SCORE 32.4

Hello, I was wondering how to start getting more website traffic to my website? Are there any programs or things that I could do to build popularity? Please, any help? I have already tried submissions really. Not too familiar with link exchange.

A:Website Traffic ?

Content.
Regards,
John

RELEVANCY SCORE 32.4

What software would show details [in English, not digits !] about the traffic through a connection to the internet that I have not specifically 'requested' ? e.g. soon after booting - that could be just security software updating (if so, which ?) or something else that is happening.

RELEVANCY SCORE 32.4

Hello,

I did some searching on this topic and saw the answer was to turn off default gateway. I work at home and am connected to my home network and VPN into my work network so Outlook will work. If I look at my VPN Status, it says IPv4 connectivity - no internet access - and IPv6 connectivity no network access.

From what I was able to find this is how I want it set up so that my general internet browsing is not going over my VPN. Can you confirm that's what IPv4 no internet access means?

My home network says IPv4 connectivity - internet -
 

RELEVANCY SCORE 32.4

Hello everyone,

I have a problem with my laptop; I'm using Windows 7.

There's some downloading from my computer; I know it from DU Meter (a program).

So, what is the way to know what this traffic is from, and how do I stop it?

Because all my apps are stopped, and there are no updates!

Thanks

A:there's some traffic my computer i can't know from where !

Run a full antivirus scan

Download and run malwarebytes. Run full scan about 90 minutes and update malwarebytes first. Sounds like trouble.

http://www.malwarebytes.org/mbam.php

RELEVANCY SCORE 32.4

Are there any programs on Windows 7 that can limit bandwidth?

My problem is that when someone streams a video or downloads something it lags the online game I'm playing.

If anyone has another solution I would be glad to hear it.

A:Traffic shaping

Hi John, and welcome to SevenForums.

Can you tell us more about your setup? Such as are you on a network? What kind of router/modem are you using?
Things like that would help us identify how and what your problem actually is, and how to fix it.
Cheers

RELEVANCY SCORE 32.4

My ISP sent me an email saying someone using my IP address has been involved in copyright infringing activity. I know who it is - I need to be able to monitor their Internet usage in order to lock down access to the sites they're getting to in these activities, and possibly even limit the amount of bandwidth available to them or the PC they use. I've not seen a product that will allow for capturing and logging IP addresses accessed on individual PCs, an app that loads automatically and monitors/logs in the background. The account in question is not an admin account. I don't have a gateway PC so this monitoring/logging app/software would have to reside on the PC.

RELEVANCY SCORE 32.4

Seems like I can only kill it for 24 hours. Here's my HJT log. I've tried eliminating the obvious, and had some help last week from someone here at the board, but it keeps coming back. Ran AVG, Spybot, CWShredder and HiJack This. If I could get my hands on the jerk(s) doing this...

Thanks for the help!!

Logfile of HijackThis v1.97.7
Scan saved at 9:35:30 PM, on 4/26/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\Program Files\DV Series\Console\Watch.exe
D:\photoexpress_a\CalCheck.exe
C:\Program Files\WinZip\Wzqkpick.exe
D:\quick_delux\Qwdlls.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Documents and Settings\Tony\My Documents\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.payfortraffic.net/search.htm
R1 - HKCU\...

A:pay for traffic is back, HJT log

RELEVANCY SCORE 32.4

I noticed that it would take my email anywhere from 30 minutes to several hours to sync with the email server. Using wireshark, I discovered every time I'd see Outlook attempting a sync, it would try hitting 195.22.26.248. I set a firewall rule to block incoming/outgoing traffic from that address and my mail would sync immediately. Several days later, mail began hanging again and wireshark revealed traffic from 195.22.28.210. I expanded the firewall rule to block traffic from 195.22.24.0/21. Also, using nslookup shows 195.22.28.210 as a non-authoritative nameserver. My FRST report:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016
Ran by Jefft (administrator) on 368-JEFFT-LT2 (25-10-2016 14:50:36)
Running from C:\Users\jefft\Downloads
Loaded Profiles: Jefft (Available Profiles: Jefft & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Dell Inc.) C:\Windows\System32\CmgShieldSvc.exe
(Dell Inc.) C:\Windows\System32\EmsService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Disp...

A:Seeing Traffic from 195.22.26.248: Possible Botnet?

hi,
 
Don't see anything in the logs that looks out of place.
Usually only here once or twice per day so you may not get a reply back from me until the following day.
