smmahoney
Aspirant
Feb 24, 2013

SRXN3205 troubleshooting

Windows 7/AT&T/FastAccess Business DSL 3M
We have problems with our internet being slow. I've isolated the DSL modem and the traffic is within specification. I enabled the traffic meter on the NETGEAR router and it is showing that excessive email traffic (> 2GB per day) is being transmitted outbound (even when no one is there). I enabled logging and cannot find that traffic in the log. I attempted to capture packets but I cannot open the cap file to review. If the traffic metering is accurate then it will explain the slow upstream we are getting. How can I determine where this traffic is coming from using the SRXN3205 product?
Thank you

8 Replies

  • Do you shut all the computers down, and are you seeing massive usage of email traffic?
  • About 7 PC's on a peer-to-peer.
    Machines are generally left on - I'd have to ask if they would turn them off at close of business to test.
    No email server on LAN.
  • Machines are generally left on - I'd have to ask if they would turn them off at close of business to test.


    I would do a "mandatory" shutdown at the end of the day and observe the issues.
  • jmizoguchi wrote:
    I would do a "mandatory" shutdown at the end of the day and observe the issues.


    I will ask for a shutdown.

    In the meantime, can you tell me in your experience if the traffic meter is accurate? I've let this run for more than a full day now and the avg is 6028MB per day outgoing email traffic (incoming is 300).

    I know that is not work product because with that growth rate the file server volumes would be filled already.
  • I think your best bet is to shut down to see the changes. I hope you do.
    If you don't have an email server of your own then something is causing traffic to move.

    I personally don't measure on mine with the UTM 25 I use.
  • OK - so I did a shutdown and traffic subsided.
    Once they were all back on I saw traffic again.

    I created new firewall rules to allow all LAN->WAN traffic and log entries.
    This let me see all of the traffic.

    From there I was able to discern that there were significant traffic attempts on arbitrary ports to many foreign countries from a specific workstation.
    I believe one of the machines may be part of a bot net.

    I will research further and scan the suspect machine but I think the mystery is solved.


    Thanks for your assistance.
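
The triage step described in the last post (log all LAN->WAN traffic, then find the workstation responsible) can be scripted once the log is exported. The following is an added example, not part of the original thread and not NETGEAR code: the `SRC=`/`DST=`/`DPT=` line format, the sample lines, the addresses and the thresholds are all constructed assumptions, and the regex must be adapted to the router's real log layout.

```python
import re
from collections import defaultdict

# Constructed sample lines in a hypothetical key=value format; the SRXN3205's
# real log layout is not shown in the thread, so adjust LINE_RE to match it.
SAMPLE_LOG = """\
Feb 26 02:14:01 LAN->WAN ALLOW SRC=192.168.1.10 DST=198.51.100.7 DPT=443
Feb 26 02:14:02 LAN->WAN ALLOW SRC=192.168.1.10 DST=198.51.100.7 DPT=443
Feb 26 02:14:03 LAN->WAN ALLOW SRC=192.168.1.11 DST=198.51.100.20 DPT=80
Feb 26 02:14:04 admin login from 192.168.1.2
Feb 26 02:14:05 LAN->WAN ALLOW SRC=192.168.1.23 DST=203.0.113.5 DPT=25
Feb 26 02:14:05 LAN->WAN ALLOW SRC=192.168.1.23 DST=203.0.113.77 DPT=25
Feb 26 02:14:06 LAN->WAN ALLOW SRC=192.168.1.23 DST=192.0.2.14 DPT=25
Feb 26 02:14:06 LAN->WAN ALLOW SRC=192.168.1.23 DST=192.0.2.200 DPT=6667
Feb 26 02:14:07 LAN->WAN ALLOW SRC=192.168.1.23 DST=198.51.100.99 DPT=8080
Feb 26 02:14:07 LAN->WAN ALLOW SRC=192.168.1.23 DST=203.0.113.140 DPT=25
"""

LINE_RE = re.compile(r"SRC=(?P<src>[\d.]+)\s+DST=(?P<dst>[\d.]+)\s+DPT=(?P<dpt>\d+)")
SMTP_PORT = 25  # direct outbound SMTP from a workstation on a LAN with no mail server


def summarize(log_text):
    """Aggregate outbound flows per LAN source address."""
    stats = defaultdict(lambda: {"flows": 0, "dsts": set(), "ports": set(), "smtp": 0})
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not an outbound flow record
        s = stats[m["src"]]
        s["flows"] += 1
        s["dsts"].add(m["dst"])
        s["ports"].add(int(m["dpt"]))
        s["smtp"] += int(m["dpt"]) == SMTP_PORT
    return dict(stats)


def suspects(stats, min_dsts=5, min_smtp=3):
    """Hosts over the (assumed) fan-out or SMTP thresholds, widest fan-out first."""
    hits = [h for h, s in stats.items()
            if len(s["dsts"]) >= min_dsts or s["smtp"] >= min_smtp]
    return sorted(hits, key=lambda h: len(stats[h]["dsts"]), reverse=True)


if __name__ == "__main__":
    st = summarize(SAMPLE_LOG)
    for host in suspects(st):
        s = st[host]
        print(host, "flows:", s["flows"], "distinct dsts:", len(s["dsts"]),
              "ports:", sorted(s["ports"]), "smtp:", s["smtp"])
```

Run it over a log window captured while the office is closed, so that any host it lists is generating traffic with nobody at the keyboard.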
