diegors at gmail.com
2013-Dec-03 20:42 UTC
[CentOS] Outbound traffic spike every 30 minutes
Is inbound or outbound? What port? tcp or udp? ------Mensaje original------ De: Bowie Bailey Remitente: centos-bounces at centos.org Para: CentOS mailing list Responder a: CentOS mailing list Asunto: [CentOS] Outbound traffic spike every 30 minutes Enviado: 3 de dic de 2013 19:36 Since Sunday morning, one of my CentOS servers has been generating a small spike of outbound traffic every 30 minutes (X:00 and X:30). It's not enough traffic to really cause any notice except for the fact that it is a very regular pattern and it started abruptly at midnight Sunday. This server is used for mail (Courier-MTA), and DNS (Bind). I cannot find anything unusual in either of those logs. I tried grepping through my firewall logs, but have been unable to find anything useful there either. I don't see any cron jobs that would generate network traffic. Any suggestions how I can go about tracking this down? -- Bowie _______________________________________________ CentOS mailing list CentOS at centos.org http://lists.centos.org/mailman/listinfo/centos Diego Sanchez Sent from my mobile
On 12/3/2013 3:42 PM, diegors at gmail.com wrote: > > > > ------Mensaje original------ De: Bowie Bailey Remitente: > > centos-bounces at centos.org Para: CentOS mailing list Responder a: > > CentOS mailing list Asunto: [CentOS] Outbound traffic spike every 30 > > minutes Enviado: 3 de dic de 2013 19:36 > > > > Since Sunday morning, one of my CentOS servers has been generating a > > small spike of outbound traffic every 30 minutes (X:00 and X:30). > > It's not enough traffic to really cause any notice except for the > > fact that it is a very regular pattern and it started abruptly at > > midnight Sunday. > > > > This server is used for mail (Courier-MTA), and DNS (Bind). I cannot > > find anything unusual in either of those logs. I tried grepping > > through my firewall logs, but have been unable to find anything > > useful there either. I don't see any cron jobs that would generate > > network traffic. > > > > Any suggestions how I can go about tracking this down? > > > > Is inbound or outbound? > What port? > tcp or udp? It is outbound from my server to the Internet. My traffic monitor does not give me any more detailed information, just a nice sawtooth graph showing the regular spikes. TCP or UDP and the port is part of what I am trying to determine. -- Bowie