Constant incoming traffic from no known source?

Discussion in 'macOS' started by bradleyjx, Sep 7, 2009.

  1. bradleyjx macrumors member

    Joined:
    Jul 7, 2008
    Location:
    Madison, WI
    #1
    System: uMB 2.4/4GB Ram, October 2008, running 10.6

    In the past couple days, I've all-of-a-sudden noticed that I'm receiving incoming network traffic; sometimes it's 300-400kbps, sometimes it's almost 1Mbps. It'll occasionally stop for a period of a few seconds to a minute, then pick up again. Disconnecting the computer from the network will stop it (obv), but it picks right up immediately upon reconnecting.

    No programs are running that would seem to cause this behavior. Nothing is being downloaded (I mostly do that on a separate machine anyways) and nothing is running when this begins that would lean me towards a problem.

    Switching from a wired connection to a wireless connection does stop the download completely, which lends me to think that this is most likely an attack on that IP, though I can't find a way to be sure or to even look further on that idea.

    Any ideas?
     
  2. bearcatrp macrumors 68000

    Joined:
    Sep 24, 2008
    Location:
    Boon Docks USA
    #2
    Go to your firewall settings and uncheck access with valid certificate. I saw this when I installed SL and presume it lets any program that has a valid certificate gain access. I actually lock mine down except programs I select to have access.
     
  3. bradleyjx thread starter macrumors member

    Joined:
    Jul 7, 2008
    Location:
    Madison, WI
    #3
    hm... that doesn't seem to affect anything, no matter how I set those settings and restart a couple times. (even to block everything as much as those options allow)

    Is there a way in OSX or a program that I can use to check sources of incoming packets? If there is, additionally, is there a way in OSX to selectively block by IP address?
     
  4. bradleyjx thread starter macrumors member

    Joined:
    Jul 7, 2008
    Location:
    Madison, WI
    #5
    I tried it initially to see if there was anything that i could see; the only thing close was mDNSresponder, which perked up every few seconds. Other than that LS was quiet with ~600kbps incoming and nothing suspicious.

    (I didn't expect anything initially from it anyways, unless I could find a trigger outgoing that triggered the incoming flood)

    @pjmburg: I'm on a campus connection most of the time (100Mbps down), so it may just be a proportional download.
     
  5. pjmburg macrumors newbie

    Joined:
    Jun 21, 2009
    #6
    I'm actually having the exact same problem. The amount of traffic is a lot lower, but I have a slow connection too. Hmm....
     
  6. fedgrub macrumors newbie

    Joined:
    Feb 17, 2010
    #7
    This is the exact same problem I am having... So frustrating.
     

Share This Page