Re: sent more than received

From: Gerald Vogt (vogt_at_spamcop.net)
Date: 02/18/05 

Date: Fri, 18 Feb 2005 10:50:32 +0900

Robert wrote:
> my dialup internet connection sends a lot of data out, usually more
> than I receive when I am surfing or downloading. But even when I am
> doing nothing, it sent out a lot of data, about 3k bytes/sec.
>
> I have Windows 2000 pro sp4, ie6 sp1, eTrust antivirus, ms
> Anti-spyware, ad-aware, spybot, zone alarm personal, sygate personal.

How many AVs and PFWs are you running simultaneously?? If you have
several AV and several PFWs running at the same time I would not wonder
if you see strange effects. Use one firewall and one anti-virus. More is
not always better.

> I understand that some programs need to contact their servers to obtain
> updates, but constantly sending out 3k/sec is weird. Any idea?

You have to find out what traffic it actually is. Try a command prompt
and "netstat" to see active connections. Maybe there are some active.
"netstat -o" does report the PIDs for those connections as well (I am
not sure if this works on w2k). Check the windows task-manager and
locate the processes with these PIDs. This should give you pointers what
is active. XP has the "tasklist" command for the command prompt which
does something similar.

One of your PFWs should have the ability to log traffic. This may be a
place to look, too.

Active Ports was already mentioned elsewhere.

> I scan the system daily to get rid of spywares. Also I tried to block
> outgoing traffic using zone alarm and sygate. Zone alarm doesn't seem
> to have the option to block only outgoing traffic. Sygate does have
> the advance rules, but it didn't seem to work.

Just blocking this traffic does not help at all. You have to find out
what is happening and solve the cause of the problem. With your amount
of PFWs and AVs running it could easily be possible that they are
producing this traffic just simply with DNS look ups of each other's
access...

Gerald

Relevant Pages

  • Re: Wireless Connection for Windows 2000 desktop
    ... Microsoft Certified Professional ... the situation is same as with the USB wireless card. ... | ping websites through a command prompt but cannot open them in a browser. ... |> connections also work) but they do NOT work from my desktop ...
    (microsoft.public.win2000.general)
  • General "Fix all" for SP2 Blowback Active Sync, Sundry Connections
    ... My Dell Axim USB Sync with MS ActiveSync 3.7.1 was flaking out too, ... Completely uninstall software, drivers, and or connections related to ... devices when prompted to...or when the software installation is done. ... You may have to do a command prompt "net use ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: is someone monitoring my PC?
    ... Then open a Command Prompt and type -> netstat ... This command will show all of your current connections. ... my download packets exceeded my upload packets by ... >am using MS Windows XP firewall. ...
    (comp.security.firewalls)
  • Re: Firewall
    ... Select the Start Menu / All Programs / Accessories / Command Prompt ... Port 3 sounds unlikely. ... >>> connections under network connections, ...
    (microsoft.public.windowsxp.network_web)