I am probably the most dangerous kind of user. I have the heart of a true tinker and I'm very curious... But I have no formal training in networking. That being said, I would like to describe what is going on and would welcome comments or suggestions - even links to more information.
I have a cable modem from Optimum Online. We also have a Cisco wireless router and a number of wireless devices. Recently I have noticed that there has been a serious change in our network activity and significant speed problems. I have done all basic troubleshooting (i.e. turning off all/most wireless connections to check speed, directly connecting to the modem, virus scanning the computers, checking for updates on all items).
I began to think I had a computer which was a "zombie" but could not find any virus or malware on it. I also understand that it does not mean that nothing is there... but the updated Sophos antivirus for Mac could not find anything. I use Firefox with "NoScript" and stay away from strange downloads or torrent files.
I have read all over that there are constant problems with Wi-Fi networks getting hacked and the like, so I have changed the passwords and also used a MAC address filter so only authorized devices can access the Wi-Fi router, but things are still very, very slow. I know many providers are having problems keeping up with the load on servers and some are even causing problems for streaming companies by cutting bandwidth or slowing it (there are a number of lawsuits going on about this and Cablevision/Optimum is one of them). So, I guess I'm not sure what the problem is. I understand it could be anything, even that my network cable needs to be replaced...
Yesterday I decided to monitor the "traffic" from my network by viewing the log files produced by my wireless router and noticed that an IP address was listed that I did not recognize. All other devices were powered off and only my laptop, router and modem were active. There were a number of communications - constant network chatter to various IP/DNS addresses in the log even though I was not doing anything on the computer and all applications were closed except the router settings in Firefox. Several of these IP addresses went to Google and some other big name companies, mostly fraud departments and copyright verifications. I have a copy of the log file if anyone is interested and used domaintools.com whois to find the information on the IPs...
Does this mean that:
1.) There is something on my computer contacting these addresses using a strange IP address?
2.) That the modem is talking to these addresses?
3.) Is this the network activity that is slowing down my network, as it is constant, every 10-30 seconds?
4.) Could the computer be a zombie and is now being monitored for sending malware or something?
I have many questions and would even be willing to speak to (read: pay for classes) someone "tutor" style to understand this better. I am not a great book learner - tinkering is my method - so I have trouble with those encyclopedic books on networking...
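
One way to triage a router log like the one described above, as an added example that is not part of the original post: group outbound connections by source and destination, flag sources that are not in your own device inventory, and mark flows whose timing is regular enough to look like a timer. The log format, the addresses and the `KNOWN_DEVICES` inventory are constructed assumptions; real router logs differ by model.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample in a hypothetical "timestamp OUT src= dst= dport=" format;
# real router logs differ by model, so adapt LINE_RE to yours.
SAMPLE_LOG = """\
2014-01-01 20:00:05 OUT src=192.168.1.101 dst=203.0.113.10 dport=443
2014-01-01 20:00:07 OUT src=192.168.1.101 dst=203.0.113.55 dport=80
2014-01-01 20:00:10 OUT src=192.168.1.137 dst=198.51.100.7 dport=443
2014-01-01 20:00:22 OUT src=192.168.1.137 dst=198.51.100.7 dport=443
2014-01-01 20:00:25 OUT src=192.168.1.101 dst=203.0.113.10 dport=443
2014-01-01 20:00:33 OUT src=192.168.1.137 dst=198.51.100.7 dport=443
2014-01-01 20:00:45 OUT src=192.168.1.101 dst=203.0.113.10 dport=443
2014-01-01 20:00:47 OUT src=192.168.1.137 dst=198.51.100.7 dport=443
2014-01-01 20:01:05 OUT src=192.168.1.101 dst=203.0.113.10 dport=443
2014-01-01 20:03:40 OUT src=192.168.1.101 dst=203.0.113.55 dport=80
"""
KNOWN_DEVICES = {"192.168.1.101": "laptop"}  # assumed inventory of your own devices
LINE_RE = re.compile(r"(\S+ \S+) OUT src=(\S+) dst=(\S+) dport=(\d+)")

def parse(log):
    """Group connection timestamps by (source, destination) pair."""
    flows = defaultdict(list)
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # skip lines that are not outbound-connection records
            ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
            flows[(m.group(2), m.group(3))].append(ts)
    return flows

def summarize(log, known=KNOWN_DEVICES, min_events=4, max_jitter=0.25):
    """Per flow: event count, mean gap, regular-timer flag, and source owner."""
    report = []
    for (src, dst), times in sorted(parse(log).items()):
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps) if gaps else 0.0
        # Low spread relative to the mean gap suggests a timer, not a person.
        periodic = len(times) >= min_events and avg > 0 and pstdev(gaps) / avg <= max_jitter
        report.append({"src": src, "dst": dst, "count": len(times),
                       "mean_gap_s": round(avg, 1), "periodic": periodic,
                       "device": known.get(src, "UNRECOGNIZED")})
    return report

if __name__ == "__main__":
    for row in summarize(SAMPLE_LOG):
        print(row)
```

Regular traffic from a recognized device is often ordinary background activity such as update or sync checks; the rows worth a closer look are those whose `device` is `UNRECOGNIZED`.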