Hi,
Get ntopng and it will record the ips and ports involved.
www.ntop.org
On 12/03/2013 05:01 PM, Bowie Bailey wrote:
> On 12/3/2013 3:42 PM, diegors@xxxxxxxxx wrote:
> > >
> > > ------Mensaje original------ De: Bowie Bailey Remitente:
> > > centos-bounces@xxxxxxxxxx Para: CentOS mailing list Responder a:
> > > CentOS mailing list Asunto: Outbound traffic spike every 30
> > > minutes Enviado: 3 de dic de 2013 19:36
> > >
> > > Since Sunday morning, one of my CentOS servers has been generating a
> > > small spike of outbound traffic every 30 minutes (X:00 and X:30).
> > > It's not enough traffic to really cause any notice except for the
> > > fact that it is a very regular pattern and it started abruptly at
> > > midnight Sunday.
> > >
> > > This server is used for mail (Courier-MTA), and DNS (Bind). I cannot
> > > find anything unusual in either of those logs. I tried grepping
> > > through my firewall logs, but have been unable to find anything
> > > useful there either. I don't see any cron jobs that would generate
> > > network traffic.
> > >
> > > Any suggestions how I can go about tracking this down?
> > >
> >
> > Is inbound or outbound?
> > What port?
> > tcp or udp?
>
> It is outbound from my server to the Internet. My traffic monitor does
> not give me any more detailed information, just a nice sawtooth graph
> showing the regular spikes.
>
> TCP or UDP and the port is part of what I am trying to determine.
>
--
Stephen Clark
*NetWolves*
Director of Technology
Phone: 813-579-3200
Fax: 813-882-0209
Email: steve.clark@xxxxxxxxxxxxx
http://www.netwolves.com
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
