Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Firefox + Wireless: Suspicious Network Activity - What could this mean


  • Please log in to reply

#1
Golden Butterflies

Golden Butterflies

    Member

  • Member
  • PipPip
  • 53 posts
So, basically I'm using an outdated version of Firefox because I both prefer it and because I can't download anything large right now due to a dying hard drive. (I know, same issue as a year ago, but things fell through with the plans to get it fixed.) I'm on Windows Vista Home Premium with an HP dv7z laptop. That's the one with an AMD Turio X2 processor, if that matters.

My neighbors run an open wireless network and don't mind me using it so long as I don't hog bandwidth, which I don't do. I tend to stick to journaling sites with the ocassional loading of a few MB of small images here and there. I wait until the confirmed "free download period" in the early morning/late night before doing anything that might use a lot of bandwidth, and don't have any software set to automatically update because... I just don't like that setting, to be honest.

Anyway. They only have 250 MB of bandwidth per day. It's satellite internet, and the FAP reeks. But whatever. Scavengers can't be choosers, and it's what works for them so I have no place to complain. That isn't the problem, anyway. The problem is that something suspicious is going on that has me freaking out and feeling like a jerk.

It started when I attempted to play a song on my flash drive. VLC spazzed out for like two minutes, so I attempted to play it again and then it worked well. I don't know if this is actually relevant, but it did strike me as odd. Later that night, my pages started loading very slowly for an unknown reason that seemed odd, so I stopped everything using the internet... and witnessed continued data transfer both inbound and outbound. Significant transfer (as monitored through RainMeter). I disconnected, reconnected, and upon reconnect it spent about another minute with unexplained data transfer inbound and outbound before settling down.

Ever since then, I've been paranoid so I don't know if what I'm observing is just something that has always happened or is something new, but either way it is very suspicious and I need some urgent help with figuring out how to track down what's going on and making sure my system isn't compromised... with the least amount of downloads possible, since my poor hard drive is still on its last leg until I can find someone else to do the repairs for a price I can afford.

I will connect to the wireless network, and it will show 250/250 free bandwidth. This means nothing has been used. I'll get about two or three small pages (mobile Twitter, AOL inbox, insanejournal.com) loaded, then it will snake down to 249 free MB. I will keep browsing per usual, and it will only go down minimally every few pages. Nothing to really make me go "Hey, wait a minute!" until about an hour and a half to two hours in. Always an hour and a half to two hours, now. Then it will start dropping by multiple MB per page load even though I'm not loading anything that could have more than a few hundred KB per page. I'll stop loading anything, though sometimes with AIM still open in the background (AIM being open or closed seems to have no effect on this happening), but it will continue dropping for a long while by 2MB - 6MB. When I leave the FAP meter page open and watch it, each automatic refresh will show a 1MB decrease.

In today's case, which is very similar to every time I observe this now, it went from 210 free MB while I was doing nothing down all the way to 162 MB free. That's a whole bunch of space disappearing. I realize it could be that the neighbors are using the connection for a bit, but I find this a touch odd timing since it's happening every time after the suspicious network activity I observed earlier this week. (Or actually it might have been last weekend, I forget.)

It seems that whenever I'm using insanejournal - which is just a lighter livejournal clone with more icon slots that I use for co-writing stories and roleplaying - this is more likely to happen, and it evens out when I've browsed away. In this case, I browsed away to this site. I still have insanejournal tabs open, though, so I don't think my friend's suggestion that it might be ads loading even though adblock won't let me see them is accurate. (Good guess, though. Glad I have helpful friends.)

Once it evens out at a ridiculously low number, almost always in the low 160's (in this case, 162 free MB bandwidth), it stays there for a few minutes then climbs back up a few MB. Right now, for example, it has gone up to 167 MB slowly but steadily - even while I actively use AIM in the background. I'm a little worried to try using the internet (beyond this) again right now, as I've been the last time I tested it, because if it keeps plummeting then I'm afraid I'll tank out the neighbor's bandwidth. Which would make me feel like a jerk and go in violation of the trust they bestowed upon me to not excessively use their bandwidth.

I'm just wondering what in the world could be causing this. Could my cache be broken, and therefore causing unseen usage to insanejournal, or the file sizes to register incorrectly with the ISP? I haven't tried clearing cache, since that would require more reloading of stuff and use more bandwidth. Could it be that the usage is really down that low and the meter takes a long time to catch up with itself and stop telling me that there's full bandwidth available? If so, that would be a new development; it has never had a lag time before.

The thing is, while I do see random brief bursts of inbound and outbound activity when I'm not actively doing anything, it's maybe a few KB at a time, for under a second. Not massive amounts of data that would be required to lower the meter as much as has been happening. But still, what's the likelihood I've caught some kind of virus? Is it possible there's something running amok on the network that isn't even related to my system?

I know that's a lot of questions, but I just need answers right now, so that I know if there's something I need to do in order to hopefully fix this or if it's some sort of common occurrence that I just haven't noticed before.

I did use IE - ugh - to load insanejournal when my Firefox was acting stupid last week. I didn't even realize until then that IJ had ads, so my system has unfortunately been exposed to banner ads via IE. There are also roughly 120 MB of TEMP files on my system, according to CCleaner. I'm hesitant to delete them, though, because of the hard drive issues. And of course, in using AIM I am exposed to one little ad running in the background on the buddy list, which I keep closed 99% of the time I have the program open. Also, in the off chance it's relevant, I did sign up for, allow via NoScript, and start using the 8tracks online 'radio' service last week. But I only used it once when it wasn't during free download period, and haven't used it in at least six days - most likely seven or eight nor have I visited the site at all in that time frame.

NOTE: As I typed the ending of this, I noticed that the free bandwidth went all the way up to 168 MB. I noticed a slight influx of the unexplained small data transfer of a few KB for under a second each, but roughly five times. Make that seven now. Now the free bandwidth is back down to 166 MB.

I just... don't know where to start with attempting to figure this out, and deciding whether it's something I should just leave alone or pursue. I just have the feeling that something is very, very wrong. So any and all advice and help would be appreciated.

Thanks in advance, and while I do respect that it takes time to read all this (sorry it's so wordy!) and everyone here is a volunteer, please respond as quickly as you can. I want to figure this out before anything has a chance to go terribly wrong.

Edited by Golden Butterflies, 13 November 2011 - 10:09 AM.

  • 0

Advertisements


#2
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 5,958 posts
Hi Golden Butterflies,

Yes! That is a lot to take in. Let me explain something here. You stated the following:

My neighbors run an open wireless network and don't mind me using it so long as I don't hog bandwidth, which I don't do.


This is called piggybacking. It is illegal, yet your neighbors have given you permission to access their unsecure connection. Beings they have given you permission to access their unsecure connection does not mean that others who are in range of this connection are not accessing their connection illegally which can cause the bandwidth to perform as you say it is. I would talk to those neighbors and tell them to secure the connection with a passcode and give you the passcode so you have access to it then no one else but you and them can access and no FAP limits will be violated that could cause a temporary reduction of speed or to prevent from having the connection shut down completely.

250 MB's is not a lot at all. Securing that connect is a must! Talk to your neighbors.

Donna :)

Edited by DonnaB, 13 November 2011 - 02:09 PM.

  • 0

#3
Golden Butterflies

Golden Butterflies

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
Donna,

You know, it's kind of silly, but I never thought that could be a possibility even though there are a few houses also within range of the network. I'll definitely have to talk to them about securing the connection, then. Hopefully that can clear everything up and I won't have to be paranoid anymore while they won't be at risk of having their access shut down by the ISP.

I did end up staying online for a few hours yesterday, and after the usage had evened out it behaved normally until much later when it randomly dropped by about 30 MB, three more, then evened out again and once more went to working properly. So that does seem to support what you're saying, that it's someone else using the connection. Perhaps the neighbors who own the connection, but I doubt it would be them every time since until recently the usage never dropped so dramatically even with myself and them using it semi-regularly. Either way, it couldn't hurt to secure the network and having to put in a passcode is no big deal in exchange for the fact that they're generous enough to grant me permission to use the wireless at all.

Just to be certain, however, is there a possibility that it could be on my end? I only ask because I do keep seeing little random bursts of a few kb at a time inbound and outbound when I don't think anything should be running. Or could it be that the router and my system are making sure they're still paired? (I really have no idea how that works, unfortunately, but I do know it shows inbound and outbound when I check the pages supplied by the network itself - such as the FAP usage meter. So I'm just guessing here that maybe it's normal to show some activity if the router and my computer are communicating for whatever reason.)

Thanks for the info! :)

~Golden Butterflies
  • 0

#4
Golden Butterflies

Golden Butterflies

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
So... I'm still paranoid here, and I apologize, but I thought I should update.

Once again, the connection is doing the odd thing with excessive dropping. And once again, it's a few hours after I sign onto the network. When I signed on in the first place, there was no bandwidth usage at all, now all the sudden this is happening - and within a different time of day/night, so it couldn't be related to automatic updates. (At this precise time last night, it was working properly.) So while it may be a complete coincidence, it just feels and looks as if all of this is somehow tied to my presence on the network when I don't have anything running - or any large enough traffic showing in my inbound and outbound - to account for the drastic changes.

Right now, the connection itself has slowed to an unbearable crawl with occasional bursts of working but is assuredly not under a FAP violation according to the meter. The troubleshooting from the router claims "Excessive LAN Traffic" and mentions it's possibly a sign of virus or spyware. Which, of course, makes me once again terrified that something is running loose on my system - or on the network in general - that is causing everything to go awry all the sudden.

It has also been citing Uplink issues on and off since even before I noticed this drastic issue, but for under two weeks. Once again, it claims possible virus/spyware issues, but at least for Uplink it also cites that too many computers may be using the connection at once. For the "Excessive LAN Traffic" it doesn't say that's a possibility. Just virus/spyware. So that's kind of terrifying.

What should I do, and should I be worried now? (I am, but... I'm prone to paranoia when it comes to security.)
  • 0

#5
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 5,958 posts
I have a satellite connection myself. We are on a 30 rotating usage of bandwidth. Today is the 14th, so the usage that shows on my bandwidth meter displays the usage from the 14th of last month to the 14th of this month. Tomorrow it will show from the 15th to the 15th and so on. The only time our bandwidth fluctuated the way you say your neighbors does is when our daughter decided to download tons of videos/music that sent us over the top and we violated our FAP.

As I said, I would talk to the neighbors. Someone close by could be using the connection to download large files which makes it fluctuate as it does. Could it be the ones who own the connection? Could be! You need to find out. And talking to them about this opening will show that you appreciate how gracious they are in allowing you to access their connection.

:)
  • 0

#6
Golden Butterflies

Golden Butterflies

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
That's something I didn't realize about usage meters. This one appears to go down and up according to real time usage, however. For example, by 'updating normally' when it isn't doing the odd usage thing, I mean that - for example - I download a Christmas photo my aunt emailed to me. It's a high-quality file roughly 1MB in size. The meter goes down 1MB in space alloted. Over the next half-hour or so, if I only browse text or do nothing at all and the neighbors also aren't online, the alloted space refills.

Anyway, you're right. I'll have to talk to them as soon as possible. (Right now it's late at night. :)) And hopefully that I'm concerned about this will, indeed, make it obvious how seriously I take their generosity. But I'll be sure to express it as well, of course.

Thanks again, and here's hoping securing the network will make all of this odd activity stop. Or that it'll turn out to be normal and caused by the owners using it.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP