Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Inordinate Increase in Traffic, Can't figure out what it is.

    Off-Topic & Non-Support Discussion
    5
    24
    9.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Cry HavokC
      Cry Havok
      last edited by

      You probably need to find a local IT consultant, preferably one with both Microsoft and security backgrounds, to have a look at your systems. You've got something running on both those systems that's performing this activity, but whether it is malware (and the fact that your AV hasn't picked it up doesn't mean it isn't there) or something else isn't clear.

      1 Reply Last reply Reply Quote 0
      • T
        tomf
        last edited by

        Thanks, I am in the process. Seems that my pfSense config allows DNS access from external. I'll have to look up how to change that.

        ~ tommy

        1 Reply Last reply Reply Quote 0
        • Cry HavokC
          Cry Havok
          last edited by

          Check your WAN rules and ensure that you don't allow port 53 (TCP and UDP) to any IP address but only to any device you're providing DNS services to external IP addresses from.

          1 Reply Last reply Reply Quote 0
          • T
            tomf
            last edited by

            Sorry for the late followup on this. Finally resolved the issue. The DNS was open to public, closed that and after a week it all went back to normal.

            Thanks everyone for the input and help. Learning as I go.

            ~ Tom

            1 Reply Last reply Reply Quote 0
            • First post
              Last post