Professional Web Applications Themes

Is someone phoning home? Unexplained traffic on dial up - Mac Networking

I am seeing some incoming and outgoing traffic on an idle dial up connection that I cannot pin down. If I dial into my ISP and don't do anything, there is still traffic even with all applications closed except Net Monitor or Internet Connect. My modem log has shown 10.0 KB read and 9.6 KB sent for an 11 minute connection as an example. Netstat from the Network Utility also shows traffic (I am pretty much lost as to all the entries in Netstat). The traffic will appear periodically. This prevents me from being able to have a 10 minute ...

  1. #1

    Default Is someone phoning home? Unexplained traffic on dial up

    I am seeing some incoming and outgoing traffic on an idle dial up
    connection that I cannot pin down. If I dial into my ISP and don't do
    anything, there is still traffic even with all applications closed
    except Net Monitor or Internet Connect. My modem log has shown 10.0 KB
    read and 9.6 KB sent for an 11 minute connection as an example. Netstat
    from the Network Utility also shows traffic (I am pretty much lost as to
    all the entries in Netstat). The traffic will appear periodically. This
    prevents me from being able to have a 10 minute timeout for automatic
    disconnect.

    I have watched the Process Viewer set for 1 second updates. I will see
    what appear to be rogue entries right after establishing a connection
    and sometimes periodically throughout the session. They *seem* to
    coincide with the activity shown by Net Monitor or Internet Connection.
    The process name is usually blank, but I have seen the "" sign, the
    infinity sign, or some other character. The user is alway "????". If I
    am quick enough to click on the process to get more information, I am
    only able to catch the word "null" in the description. The process just
    comes and goes too quickly to capture any more information.

    I find this activity whether I am logged in to my account or an
    auxiliary account without administrator privileges. I also see this
    activity when booted from another installation (on a different disk) of
    OS 10.2.6 I use for testing purposes.

    This activity is does not appear if I boot into OS 9.1 and connect with
    Remote Access. There a connection will timeout and disconnect. That
    would seem to rule out anything coming coming in from outside such as
    any pinging activity.

    I have tried Little Snitch 1.1rc1 with only the system processes being
    allowed activity. Little Snitch did not pick up any process when I saw
    traffic.

    Norton Antivirus 7.02 shows a clean scan (except for what it reports as
    file system errors -- hey, it's Norton whadya expect).

    Is there anything else I can do to find out the source of this traffic?
    I would like to be able to start longer downloads and be able to leave
    the computer unattended knowing it will disconnect shortly after it is
    done.

    System: B&W G3/300, OS 10.2.6, Global Village external modem, Keyspan
    USB->serial adapter, PPP options set for disconnect after 10 minutes,
    option for echo packets turned off.

    --
    Matt Broughton
    Only relatives are absolute.
    Matt Broughton Guest

  2. #2

    Default Re: Is someone phoning home? Unexplained traffic on dial up

    In article <walterwego-E1AB6F.21222503092003corp.supernews.com>,
    Matt Broughton <walterwegomacosx.com> wrote:
    > I am seeing some incoming and outgoing traffic on an idle dial up
    > connection that I cannot pin down. If I dial into my ISP and don't do
    > anything, there is still traffic even with all applications closed
    > except Net Monitor or Internet Connect. My modem log has shown 10.0 KB
    > read and 9.6 KB sent for an 11 minute connection as an example. Netstat
    > from the Network Utility also shows traffic (I am pretty much lost as to
    > all the entries in Netstat). The traffic will appear periodically. This
    > prevents me from being able to have a 10 minute timeout for automatic
    > disconnect.
    I'd be looking for a packet sniffer to log everything in and out of the
    machine so I could see what, precisely, was going on. That might give
    you a better idea of what to be looking for...

    --
    Don Bruder - [email]dakiddsonic.net[/email] <--- Preferred Email - unmunged, SpamAssassinated
    Hate SPAM? See <http://www.spamassassin.org> for some seriously great info.
    I will choose a path that's clear: I will choose Free Will! - N. Peart
    Fly trap info pages: <http://www.sonic.net/~dakidd/Horses/FlyTrap/index.html>
    Don Bruder Guest

  3. #3

    Default Re: Is someone phoning home? Unexplained traffic on dial up

    Don Bruder wrote:
    > I'd be looking for a packet sniffer to log everything in and out of the
    > machine so I could see what, precisely, was going on. That might give
    > you a better idea of what to be looking for...
    Like 'tcpdump' - already part of OS X


    --
    Wes Groleau

    Is it an on-line compliment to call someone a Net Wit ?

    Wes Groleau Guest

  4. #4

    Default Re: Is someone phoning home? Unexplained traffic on dial up

    In article <UBKdnVJl1LeEX8uiU-KYvAgbronline.com>,
    Wes Groleau <groleaufreeshell.org> wrote:
    > Don Bruder wrote:
    > > I'd be looking for a packet sniffer to log everything in and out of the
    > > machine so I could see what, precisely, was going on. That might give
    > > you a better idea of what to be looking for...
    >
    > Like 'tcpdump' - already part of OS X
    Sounds good to me. I know next to zip-ola about X and what tools are
    available for it, either built in, or add on, since I'm sticking with
    9.x for the time being. Whatever program works as a packet sniffer so
    the traffic can be watched and maybe IDed.

    --
    Don Bruder - [email]dakiddsonic.net[/email] <--- Preferred Email - unmunged, SpamAssassinated
    Hate SPAM? See <http://www.spamassassin.org> for some seriously great info.
    I will choose a path that's clear: I will choose Free Will! - N. Peart
    Fly trap info pages: <http://www.sonic.net/~dakidd/Horses/FlyTrap/index.html>
    Don Bruder Guest

  5. #5

    Default Re: Is someone phoning home? Unexplained traffic on dial up

    In article <UBKdnVJl1LeEX8uiU-KYvAgbronline.com>,
    Wes Groleau <groleaufreeshell.org> wrote:
    > Don Bruder wrote:
    > > I'd be looking for a packet sniffer to log everything in and out of the
    > > machine so I could see what, precisely, was going on. That might give
    > > you a better idea of what to be looking for...
    >
    > Like 'tcpdump' - already part of OS X
    Thanks to Don and Wes for the responses. I though about some sort of
    packet sniffer, but thought they were commercial software and expensive.

    I took a look at 'man tcpdump' and deciphered enough to drop into root
    and 'run tcpdump -a'. I ran two short sessions. The first would seem
    to indicate just echo packets. I'm still not sure if I am sending them
    or my ISP is sending them to me. I do have echo packets turned off in
    the PPP options. The second session may prove more interesting as I see
    an 'aol' in an echo packet line.

    While I have a slightly better understanding of what is going on, would
    someone be kind enough to interpret the following and offer a solution
    to stop this traffic. Sorry for the length--

    First session----
    bash-2.05a$ sudo -s
    Password:
    bash-2.05a# tcpdump -a
    tcpdump: listening on ppp0
    08:46:00.785791 64.76.2.15 > d67.as0.gnlk.wi.voyager.net: icmp: echo
    request
    08:46:00.785914 d67.as0.gnlk.wi.voyager.net > 64.76.2.15: icmp: echo
    reply
    08:46:01.074753 d67.as0.gnlk.wi.voyager.net.49155 >
    dns.voyager.net.domain: 1641+ PTR? 15.2.76.64.in-addr.arpa. (41)
    08:46:01.372743 dns.voyager.net.domain >
    d67.as0.gnlk.wi.voyager.net.49155: 1641 NXDomain* 0/1/0 (125) (DF)
    08:46:01.378952 d67.as0.gnlk.wi.voyager.net.49155 >
    dns.voyager.net.domain: 44947+ PTR? 67.138.77.64.in-addr.arpa. (43)
    08:46:01.566738 dns.voyager.net.domain >
    d67.as0.gnlk.wi.voyager.net.49155: 44947* 1/3/3 (211) (DF)
    08:46:02.593969 d67.as0.gnlk.wi.voyager.net.49155 >
    dns.voyager.net.domain: 49555+ PTR? 4.128.153.209.in-addr.arpa. (44)
    08:46:02.764679 dns.voyager.net.domain >
    d67.as0.gnlk.wi.voyager.net.49155: 49555 1/3/3 PTR[|domain] (DF)
    08:46:07.979495 intermedia.net > d67.as0.gnlk.wi.voyager.net: icmp: echo
    request
    08:46:07.979621 d67.as0.gnlk.wi.voyager.net > intermedia.net: icmp: echo
    reply
    08:46:08.811698 d67.as0.gnlk.wi.voyager.net.49155 >
    dns.voyager.net.domain: 44682+ PTR? 254.63.78.64.in-addr.arpa. (43)
    08:46:09.102315 dns.voyager.net.domain >
    d67.as0.gnlk.wi.voyager.net.49155: 44682* 1/3/3 (209) (DF)
    08:46:26.921186 64.80.217.86 > d67.as0.gnlk.wi.voyager.net: icmp: echo
    request
    08:46:26.921307 d67.as0.gnlk.wi.voyager.net > 64.80.217.86: icmp: echo
    reply
    08:46:27.114896 d67.as0.gnlk.wi.voyager.net.49155 >
    dns.voyager.net.domain: 32964+ PTR? 86.217.80.64.in-addr.arpa. (43)
    08:46:27.267167 dns.voyager.net.domain >
    d67.as0.gnlk.wi.voyager.net.49155: 32964 NXDomain 0/1/0 (97) (DF)
    ^C
    16 packets received by filter
    0 packets dropped by kernel
    bash-2.05a# exit
    exit
    bash-2.05a$


    Second session where I resolved some domain names by using [url]http://privacy.net/yze[/url].
    The end of their traceroute back to me is (I dropped the hop number and
    response time)
    216.136.5.34 transit-twtc-ds3.nwbl.wi.voyager.net
    169.207.224.66 481.at-0-1-0.rtr0.milw.wi.voyager.net
    169.207.50.82 3-120.atm1-0.rtr0.oshk0.wi.voyager.net
    64.77.128.242 se0-0.rtr0.gnlk.wi.voyager.net
    64.77.128.131 as1.gnlk.wi.voyager.net
    125 125 172 64.77.138.201 d73.as1.gnlk.wi.voyager.net

    Second tcpdump session--
    bash-2.05a$ sudo -s
    Password:
    bash-2.05a# tcpdump -a
    tcpdump: listening on ppp0
    08:57:37.658298 acc90604.ipt.aol.com > d73.as1.gnlk.wi.voyager.net:
    icmp: echo request
    08:57:37.658420 d73.as1.gnlk.wi.voyager.net > acc90604.ipt.aol.com:
    icmp: echo reply
    08:57:38.628825 d73.as1.gnlk.wi.voyager.net.49156 >
    dns.voyager.net.domain: 43182+ PTR? 4.6.201.172.in-addr.arpa. (42)
    08:57:38.803238 dns.voyager.net.domain >
    d73.as1.gnlk.wi.voyager.net.49156: 43182 1/3/3 PTR[|domain] (DF)
    08:57:38.806867 d73.as1.gnlk.wi.voyager.net.49156 >
    dns.voyager.net.domain: 49390+ PTR? 201.138.77.64.in-addr.arpa. (44)
    08:57:38.982361 dns.voyager.net.domain >
    d73.as1.gnlk.wi.voyager.net.49156: 49390* 1/3/3 (213) (DF)
    08:57:39.997386 d73.as1.gnlk.wi.voyager.net.49156 >
    dns.voyager.net.domain: 41092+ PTR? 4.128.153.209.in-addr.arpa. (44)
    08:57:40.154150 dns.voyager.net.domain >
    d73.as1.gnlk.wi.voyager.net.49156: 41092 1/3/3 PTR[|domain] (DF)
    08:58:10.705316 d73.as1.gnlk.wi.voyager.net.49157 >
    a216-93-82-7.deploy.akamaitechnologies.net.http: F
    883141723:883141723(0) ack 1464308463 win 8192 <nop,nop,timestamp
    922537422 1082181609> (DF)
    08:58:10.837281 a216-93-82-7.deploy.akamaitechnologies.net.http >
    d73.as1.gnlk.wi.voyager.net.49157: . ack 1 win 31856 <nop,nop,timestamp
    1082212976 922537422> (DF)
    08:58:10.847297 a216-93-82-7.deploy.akamaitechnologies.net.http >
    d73.as1.gnlk.wi.voyager.net.49157: F 1:1(0) ack 1 win 31856
    <nop,nop,timestamp 1082212976 922537422> (DF)
    08:58:10.847418 d73.as1.gnlk.wi.voyager.net.49157 >
    a216-93-82-7.deploy.akamaitechnologies.net.http: . ack 2 win 8192
    <nop,nop,timestamp 922537423 1082212976> (DF)
    08:58:11.198204 d73.as1.gnlk.wi.voyager.net.49156 >
    dns.voyager.net.domain: 31797+ PTR? 7.82.93.216.in-addr.arpa. (42)
    08:58:11.355239 dns.voyager.net.domain >
    d73.as1.gnlk.wi.voyager.net.49156: 31797 1/3/3 PTR[|domain] (DF)
    08:59:10.312666 d94.as2.oshk0.wi.voyager.net >
    d73.as1.gnlk.wi.voyager.net: icmp: echo request
    08:59:10.312787 d73.as1.gnlk.wi.voyager.net >
    d94.as2.oshk0.wi.voyager.net: icmp: echo reply
    08:59:10.377119 d73.as1.gnlk.wi.voyager.net.49156 >
    dns.voyager.net.domain: 37729+ PTR? 222.131.77.64.in-addr.arpa. (44)
    08:59:10.529646 dns.voyager.net.domain >
    d73.as1.gnlk.wi.voyager.net.49156: 37729 1/3/3 PTR[|domain] (DF)
    ^C
    18 packets received by filter
    0 packets dropped by kernel
    bash-2.05a# exit
    exit
    bash-2.05a$


    Thanks for any insights.

    --
    Matt Broughton
    Only relatives are absolute.
    Matt Broughton Guest

  6. #6

    Default Re: Is someone phoning home? Unexplained traffic on dial up

    Matt Broughton wrote:
    > 08:57:37.658298 acc90604.ipt.aol.com
    > d73.as1.gnlk.wi.voyager.net:
    > icmp: echo request
    > icmp: echo reply
    > d73.as1.gnlk.wi.voyager.net: icmp: echo request
    > d94.as2.oshk0.wi.voyager.net: icmp: echo reply
    It appears that script kiddies at aol and voyager.net are pinging you,
    looking for an open machine. They will ping you every 5 or 10 minutes,
    even though your machine is useless to them. It also appears
    you aren't discarding pings in your hardware firewall (if any),
    and that you are replying to some pings, even though you said
    you weren't IIRC. Basically if they don't get any ping response,
    that means there's no machine, so they give up and move on to some
    hapless windope on Kazaa or Morpheus.
    George Williams Guest

  7. #7

    Default Re: Is someone phoning home? Unexplained traffic on dial up

    Matt Broughton <walterwegomacosx.com> wrote:
    > While I have a slightly better understanding of what is going on, would
    > someone be kind enough to interpret the following and offer a solution
    > to stop this traffic.
    I can't help with interpretation.

    It is known that the Mac will sometimes dial out of its own accord.
    Apple's advice is to turn off the "connect automatically" option. They
    have not said what causes this behaviour.
    --
    Send e-mail to the Reply-To address;
    mail to the From address is never read
    Daniel Cohen Guest

  8. #8

    Default Re: Is someone phoning home? Unexplained traffic on dial up

    In article <1g0rwoy.ns3g361k5mnwgN%danspamf2s.com>,
    [email]danspamf2s.com[/email] (Daniel Cohen) wrote:
    > Matt Broughton <walterwegomacosx.com> wrote:
    >
    > > While I have a slightly better understanding of what is going on, would
    > > someone be kind enough to interpret the following and offer a solution
    > > to stop this traffic.
    >
    > I can't help with interpretation.
    >
    > It is known that the Mac will sometimes dial out of its own accord.
    > Apple's advice is to turn off the "connect automatically" option. They
    > have not said what causes this behaviour.
    One well-known common source of this is the Mac wanting to contact a
    network time server, to make sure the clock is set correctly.

    --
    Tom "Tom" Harrington
    Macaroni, Automated System Maintenance for Mac OS X.
    Version 1.4: Best cleanup yet, gets files other tools miss.
    See [url]http://www.atomicbird.com/[/url]
    Tom Harrington Guest

  9. #9

    Default Re: Is someone phoning home? Unexplained traffic on dial up

    > Matt Broughton <walterwegomacosx.com> wrote:
    >>While I have a slightly better understanding of what is going on, would
    >>someone be kind enough to interpret the following and offer a solution
    >>to stop this traffic.
    I crashed my Mac [1] while answering, and lost the
    log, but here's what I saw:

    Your machine 'pinged' the IP address assigned it
    by the ISP.

    Then it asked the ISP for the name associated
    with that IP address.

    Then intermedia.net pinged you.

    And you were also looking up other addresses,
    but that's when I crashed.

    [1] How to crash OS 10.1.5:

    a. Connect to internet by PPP/dialup

    b. sudo tcpdump -i ppp0

    c. When your teenager begs for the phone, disconnect
    the modem.

    d. While the modem is not connected, close the
    terminal window contiaining the tcpdump process.

    :-)

    --
    Wes Groleau
    Alive and Well
    [url]http://freepages.religions.rootsweb.com/~wgroleau/[/url]

    Wes Groleau Guest

  10. #10

    Default Re: Is someone phoning home? Unexplained traffic on dial up

    Tom Harrington <tphpcisys.no.spam.dammit.net> writes:
    >
    > One well-known common source of this is the Mac wanting to contact a
    > network time server, to make sure the clock is set correctly.
    Another is the Software Updates facility checking for updates.

    If you have iChat running in the background, it will be doing some
    communicating. Even if the window is closed, it will maintain the
    connection until you change your state to "disconnected".

    AOL Instant Messenger also has an option to remain connected while
    the window is closed.

    If you have a mounted iDisk, then that will also maintain an open
    connection.

    -- David
    David C. Guest

  11. #11

    Default Re: Is someone phoning home? Unexplained traffic on dial up

    In article <3F57678B.820EE83Dmac.com>,
    George Williams <nyar1ath0tepmac.com> wrote:
    > Matt Broughton wrote:
    >
    > > 08:57:37.658298 acc90604.ipt.aol.com
    > > d73.as1.gnlk.wi.voyager.net:
    > > icmp: echo request
    > > icmp: echo reply
    > > d73.as1.gnlk.wi.voyager.net: icmp: echo request
    > > d94.as2.oshk0.wi.voyager.net: icmp: echo reply
    >
    > It appears that script kiddies at aol and voyager.net are pinging you,
    > looking for an open machine. They will ping you every 5 or 10 minutes,
    > even though your machine is useless to them. It also appears
    > you aren't discarding pings in your hardware firewall (if any),
    > and that you are replying to some pings, even though you said
    > you weren't IIRC. Basically if they don't get any ping response,
    > that means there's no machine, so they give up and move on to some
    > hapless windope on Kazaa or Morpheus.
    Thanks for the interpretation. I did finally read the man page where it
    described the format for the output. It supports what you are saying.
    I wasn't sure who was originating the traffic, i.e., whether it was
    originating with my computer or whether my computer was responding to
    incoming traffic.

    It is also interesting that Wes Groleau interpreted my first session as
    my computer started the ping.

    I feel I am in a pretty good position now to keep track of what is going
    on with tcpdump and ipfw. I'm think I can find a way to deal with the
    traffic by proper configuration of the firewall. I have also downloaded
    MacSniffer and BrickHouse for the GUI frontend to tcpdump and ipfw.

    At least it doesn't appear to be the RIAA looking for someone else to
    shakedown -- ah, I mean sue. ;-) They won't find any peer to peer
    software here.

    --
    Matt Broughton
    "...the Justice Department characterized the First, Fourth, Fifth, and Sixth Ammendments to the Constitution as typos." (C) 2003 Bill Amend/Dist. by Universal Press Syndicate
    [url]http://www.ucomics.com/foxtrot/2003/08/24/[/url]
    Matt Broughton Guest

  12. #12

    Default Re: Is someone phoning home? Unexplained traffic on dial up

    In article <tph-57A9A4.13303004092003localhost>,
    Tom Harrington <tphpcisys.no.spam.dammit.net> wrote:
    > In article <1g0rwoy.ns3g361k5mnwgN%danspamf2s.com>,
    > [email]danspamf2s.com[/email] (Daniel Cohen) wrote:
    >
    > > Matt Broughton <walterwegomacosx.com> wrote:
    > >
    > > > While I have a slightly better understanding of what is going on, would
    > > > someone be kind enough to interpret the following and offer a solution
    > > > to stop this traffic.
    > >
    > > I can't help with interpretation.
    > >
    > > It is known that the Mac will sometimes dial out of its own accord.
    > > Apple's advice is to turn off the "connect automatically" option. They
    > > have not said what causes this behaviour.
    >
    > One well-known common source of this is the Mac wanting to contact a
    > network time server, to make sure the clock is set correctly.
    Thanks to Tom, Daniel, and David and anyone I forgot for your responses.
    The System Preferences was my first stop. I made sure that Software
    Update was turned off, that I wasn't allowing applications to
    automatically connect, and that "use network time server" was unchecked.
    I don't use any of the instant messaging programs and Process Viewer
    didn't show any of them to be running at any point.

    It looks like I am being pinged from outside or somehow my computer is
    deciding to ping my ISP.

    --
    Matt Broughton
    Only relatives are absolute.
    Matt Broughton Guest

  13. #13

    Default Re: Is someone phoning home? Unexplained traffic on dial up

    In article <BJmcnYpqQbPEUMqiXTWJjwgbronline.com>,
    Wes Groleau <groleaufreeshell.org> wrote:
    > > Matt Broughton <walterwegomacosx.com> wrote:
    > >>While I have a slightly better understanding of what is going on, would
    > >>someone be kind enough to interpret the following and offer a solution
    > >>to stop this traffic.
    >
    > I crashed my Mac [1] while answering, and lost the
    > log, but here's what I saw:
    >
    > Your machine 'pinged' the IP address assigned it
    > by the ISP.
    >
    > Then it asked the ISP for the name associated
    > with that IP address.
    >
    > Then intermedia.net pinged you.
    >
    > And you were also looking up other addresses,
    > but that's when I crashed.
    Thanks for the reply Wes. I'll have to take another look at that first
    session I cited.

    The second session I cited in my post seems to go the other way
    according to George Williams.

    At least I think I now have the tools to watch what's going on and take
    the appropriate action.
    >
    > [1] How to crash OS 10.1.5:
    >
    > a. Connect to internet by PPP/dialup
    >
    > b. sudo tcpdump -i ppp0
    >
    > c. When your teenager begs for the phone, disconnect
    > the modem.
    >
    > d. While the modem is not connected, close the
    > terminal window contiaining the tcpdump process.
    >
    > :-)
    Ah yes. I would periodically have problems disconnecting in OS 10.1.x.
    The process wouldn't finish closing out. I found out that unplugging
    the Keyspan adapter that had my modem on it was cause for instant kernel
    panic

    --
    Matt Broughton

    "...the Justice Department characterized the First, Fourth, Fifth, and Sixth Ammendments to the Constitution as typos." (C) 2003 Bill Amend/Dist. by Universal Press Syndicate
    [url]http://www.ucomics.com/foxtrot/2003/08/24/[/url]
    Matt Broughton Guest

  14. #14

    Default Re: Is someone phoning home? Unexplained traffic on dial up

    Tom Harrington <tphpcisys.no.spam.dammit.net> wrote:
    > One well-known common source of this is the Mac wanting to contact a
    > network time server, to make sure the clock is set correctly.
    Yes, I should have mentioned that possibility. But the problem can arise
    even when that and all *obvious* options are turned off.
    --
    Send e-mail to the Reply-To address;
    mail to the From address is never read
    Daniel Cohen Guest

  15. #15

    Default Re: Is someone phoning home? Unexplained traffic on dial up

    In article <walterwego-3E3363.20400504092003corp.supernews.com>,
    Matt Broughton <walterwegomacosx.com> wrote:
    > It looks like I am being pinged from outside or somehow my computer is
    > deciding to ping my ISP.
    There's an option in PPP configuration to use echo to watch the state of
    the connection. Do you have that on? (I don't think they show up as
    ping, but I've never actually looked.)

    --John

    --
    Email to above address discarded by provider's server. Don't bother sending.
    John Baxter Guest

  16. #16

    Default Re: Is someone phoning home? Unexplained traffic on dial up

    In article
    <news.collectivize-A680D4.13590605092003corp.supernews.com>,
    John Baxter <news.collectivizescandaroon.com> wrote:
    > In article <walterwego-3E3363.20400504092003corp.supernews.com>,
    > Matt Broughton <walterwegomacosx.com> wrote:
    >
    > > It looks like I am being pinged from outside or somehow my computer is
    > > deciding to ping my ISP.
    >
    > There's an option in PPP configuration to use echo to watch the state of
    > the connection. Do you have that on? (I don't think they show up as
    > ping, but I've never actually looked.)
    >
    > --John
    Thanks for the suggestion. That was one of the first things I checked.
    I did review my tcpdumps and the echo request is coming from outside my
    computer and outside of my ISP.

    --
    Matt Broughton
    Only relatives are absolute.
    Matt Broughton Guest

Similar Threads

  1. Unexplained ColdFusion Error Plz Help!!
    By joeman77 in forum Coldfusion Database Access
    Replies: 6
    Last Post: September 28th, 07:13 PM
  2. connection using dial-up modem - XP Home Edn.
    By MTC in forum Windows Networking
    Replies: 1
    Last Post: July 11th, 08:02 PM
  3. dial-up modem home network
    By stein in forum Windows Networking
    Replies: 3
    Last Post: July 9th, 08:35 PM
  4. Home Network Alway Dial ISP
    By John in forum Windows Networking
    Replies: 1
    Last Post: July 8th, 12:07 PM
  5. Unexplained Instance Error
    By Marty Cruise in forum ASP.NET General
    Replies: 4
    Last Post: July 3rd, 09:27 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139