Security Basics mailing list archives
RE: strange data traffic
From: "Fields, James" <James.Fields () bcbsfl com>
Date: Wed, 17 Sep 2003 09:44:30 -0400
At my company this is often caused by nightly backups of servers - any chance a network admin at your site set up something new that you aren't aware of? -----Original Message----- From: danielgil () softhome net [mailto:danielgil () softhome net] Sent: Monday, September 15, 2003 6:30 PM To: security-basics () securityfocus com Subject: strange data traffic Hi Iam using MRTG to monitor the internet traffic in my server, during day time the traffic is very intense and by night the traffic slow down significantly. This behavior repeat day after day. But a few days ago the traffic did not slow down as I expected and the MRTG show a very intense traffic activity during night-time. My question is: Can I say that this is hacker activity (perhaps downloading files)?. Could it be a robot (the ones that index html pages)?. My logs doesn't give good hints about this. by the way, there is no large files (available to simple users) to download in the server. any clue ?. Thanks in advance ------------------------------------------------------------------------ --- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ------------------------------------------------------------------------ ---- Blue Cross Blue Shield of Florida, Inc., and its subsidiary and affiliate companies are not responsible for errors or omissions in this e-mail message. Any personal comments made in this e-mail do not reflect the views of Blue Cross Blue Shield of Florida, Inc. The information contained in this document may be confidential and intended solely for the use of the individual or entity to whom it is addressed. This document may contain material that is privileged or protected from disclosure under applicable law. If you are not the intended recipient or the individual responsible for delivering to the intended recipient, please (1) be advised that any use, dissemination, forwarding, or copying of this document IS STRICTLY PROHIBITED; and (2) notify sender immediately by telephone and destroy the document. THANK YOU. --------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ----------------------------------------------------------------------------
Current thread:
- strange data traffic danielgil (Sep 16)
- RE: strange data traffic David Gillett (Sep 16)
- <Possible follow-ups>
- RE: strange data traffic Fields, James (Sep 17)
- Re: strange data traffic Adam Newhard (Sep 17)