Unexplained traffic usage

Problem summary

  • An ADSL account may contain unexplained usage on the stats page.
  • There are a number of causes of unwanted traffic as explained below.

Causes

Network Chatter

  • Up to 10mb per day of random packets caused by portscans, DNS, router update checks, remote pings etc.
  • This will occur even if your PCs are switched off if you have a router as opposed to a USB based ADSL modem.

Skype

  • New Skype client generates traffic even if not in use.
  • This is because Skype can turn any PC into a 3rd party router for assisting in its P2P telephony functioning.

Stolen Username

  • There are known hackers actively scanning insecure routers to obtain usernames and passwords.
  • These details are then used to steal bandwidth from the account.
  • This can be avoided by using DSL Secure.

Wireless Hijacking

  • If your router is wireless enabled, hackers in the nearby vicinity may be using your bandwidth for their own purposes, even if WEP or WPA is enabled.

Spyware, Malware, Viruses, Trojans, Rootkits

  • Any of the PCs connected may be infected with the above causing your machine to become a zombie for sending spam or an instrument in sending denial of service attacks.
  • New evidence suggests rootkit technology is now being employed to avoid detection by most Antivirus programs.

Solutions

Network chatter

  • Turn of your router to avoid any traffic charges.
  • Alternatively put the router in “stealth mode” – this makes it appear to be offline to the outside world and reduces the small amount of daily wastage.

Skype

  • Log out of Skype when not in use.
  • Use a different client e.g. MSN Messenger or other SIP based voice services.

Stolen Username

  • Change all passwords – ADSL password, router password, Customer Zone password etc.
  • Enable Webafrica’s DSL Secure technology – this allows you to lock your account to your own physical ADSL line preventing it from being used elsewhere.
  • This can be found at http://dsl.webafrica.co.za/ or by clicking the Manage button on your account in the Customer Zone.

Wireless Hijacking

  • Enable WPA-PSK encryption using a 12+ character random password.
  • Do not use known words, product names, labels or anything else.
  • Do not use WEP encryption as this can be cracked within minutes giving a false sense of security.

Spyware, Malware, Viruses, Trojans, Rootkits

TIPS:
There are also various tools available to track traffic usage on individual PCs, the easiest to use is probably Netlimiter:
NetLimiter

Please also see the password guidelines to ensure the passwords you have selected are adequately secure:
Password guide

Was this article helpful?

Related Articles