Xtra Broadband usage skyrocketed

Discussion in 'NZ Computing' started by Boppy, Jul 25, 2009.

  1. Boppy

    Boppy Guest

    Hi guys, I recently realised my wireless modem was not secured when it
    was first installed and last week recified this by passwording access.
    Since then my upload traffic has gone nuts. In the first two days of
    this month's billing cycle I've exceeded the 10g limit and had to
    upgrade to a 20 gig plan yesterday.

    Yesterday one computer was switched off and my laptop was only been
    connected to the network for 4 hours. Downloads have been 28.16 mb and
    uploads have been 920.38. Looking back last week the major traffic was
    uploading.

    I don't have uTorrent or Limewire or any other ptp software running. I
    do have Dropbox running but haven't needed to synchronise any
    especially large files so I don't think that could be the problem.
    Also I haven't sent any really large emails.

    This is a screenshot of my services running: http://bayimg.com/GaCJhAAcn

    Any suggestions of what might be causing so much upstream traffic?

    Jo
    Boppy, Jul 25, 2009
    #1
    1. Advertising

  2. Boppy

    PeeCee Guest

    "Boppy" <> wrote in message
    news:...
    > Hi guys, I recently realised my wireless modem was not secured when it
    > was first installed and last week recified this by passwording access.
    > Since then my upload traffic has gone nuts. In the first two days of
    > this month's billing cycle I've exceeded the 10g limit and had to
    > upgrade to a 20 gig plan yesterday.
    >
    > Yesterday one computer was switched off and my laptop was only been
    > connected to the network for 4 hours. Downloads have been 28.16 mb and
    > uploads have been 920.38. Looking back last week the major traffic was
    > uploading.
    >
    > I don't have uTorrent or Limewire or any other ptp software running. I
    > do have Dropbox running but haven't needed to synchronise any
    > especially large files so I don't think that could be the problem.
    > Also I haven't sent any really large emails.
    >
    > This is a screenshot of my services running: http://bayimg.com/GaCJhAAcn
    >
    > Any suggestions of what might be causing so much upstream traffic?
    >
    > Jo
    >




    Boppy

    Your Wireless modem/router has been hacked while it was not passworded.

    Either:
    Someone will have been using it to seed Peer to Peer video, music or warez
    torrents.
    Or
    The P2P server running on your PC
    (see p2pimsvc and p2psvc in your list of running services)
    Is allowing someone to suck something from your system that they want via
    your hacked WiFi LAN.

    To fix, reset the Wireless modem router to factory defaults by pressing the
    reset button.
    (instructions should be in the manual)
    Then:
    1 Change the admin user name and password before you do 'anything' else
    2 Change any other access usernames and passwords.
    3 Change the SSID to something that doesn't identify the brand of modem or
    you (eg not Dlink, Belkin or your surname etc)
    If can turn the SSID broadcast off once you have set it up, your wireless
    devices will still work.
    Note use proper passwords with alpha and numeric characters in them.
    4 Change your Wireless to WPA or WPA2 and put in a similalry strong
    passphrase.
    5 Now enter your username and password to reestablish connection to
    broadband from your ISP.

    Finish off by removing any P2P programs from your PC and doing a full Virus
    and Spyware scan.
    Recommended apps for this include
    Your favourite Anti Virus programs, or AVG, Avast if you don't have one.
    (don't see any that I recognise in that list)
    Ad Aware, Spybot Search & Destroy, Malware Bytes, Super Anti Spyware etc.


    Best
    Paul.
    PeeCee, Jul 26, 2009
    #2
    1. Advertising

  3. Boppy

    Gordon Guest

    On 2009-07-26, PeeCee <> wrote:
    > "Boppy" <> wrote in message
    > news:...
    >> Hi guys, I recently realised my wireless modem was not secured when it
    >> was first installed and last week recified this by passwording access.
    >> Since then my upload traffic has gone nuts. In the first two days of
    >> this month's billing cycle I've exceeded the 10g limit and had to
    >> upgrade to a 20 gig plan yesterday.
    >>
    >> Yesterday one computer was switched off and my laptop was only been
    >> connected to the network for 4 hours. Downloads have been 28.16 mb and
    >> uploads have been 920.38. Looking back last week the major traffic was
    >> uploading.
    >>
    >> I don't have uTorrent or Limewire or any other ptp software running. I
    >> do have Dropbox running but haven't needed to synchronise any
    >> especially large files so I don't think that could be the problem.
    >> Also I haven't sent any really large emails.
    >>
    >> This is a screenshot of my services running: http://bayimg.com/GaCJhAAcn
    >>
    >> Any suggestions of what might be causing so much upstream traffic?
    >>
    >> Jo
    >>

    >
    >
    >
    > Boppy
    >
    > Your Wireless modem/router has been hacked while it was not passworded.
    >

    While this is on the horizon. Turning the modem off kills the threat, the
    real question is what OS are you on. Ms Windows? If so she is not as she was
    before the wireless installation. She is now part of the Borg empire.

    Back up all data, format the HD, re-install Ms Windows and reflect upon the
    experience.

    No use in bolting the door after the horse has bolted, to quote the saying.

    PS encryption goes hand in hand with passwording on a wireless network.



    > Either:
    > Someone will have been using it to seed Peer to Peer video, music or warez
    > torrents.
    > Or
    > The P2P server running on your PC
    > (see p2pimsvc and p2psvc in your list of running services)
    > Is allowing someone to suck something from your system that they want via
    > your hacked WiFi LAN.
    >
    > To fix, reset the Wireless modem router to factory defaults by pressing the
    > reset button.
    > (instructions should be in the manual)
    > Then:
    > 1 Change the admin user name and password before you do 'anything' else
    > 2 Change any other access usernames and passwords.
    > 3 Change the SSID to something that doesn't identify the brand of modem or
    > you (eg not Dlink, Belkin or your surname etc)
    > If can turn the SSID broadcast off once you have set it up, your wireless
    > devices will still work.
    > Note use proper passwords with alpha and numeric characters in them.
    > 4 Change your Wireless to WPA or WPA2 and put in a similalry strong
    > passphrase.
    > 5 Now enter your username and password to reestablish connection to
    > broadband from your ISP.
    >
    > Finish off by removing any P2P programs from your PC and doing a full Virus
    > and Spyware scan.
    > Recommended apps for this include
    > Your favourite Anti Virus programs, or AVG, Avast if you don't have one.
    > (don't see any that I recognise in that list)
    > Ad Aware, Spybot Search & Destroy, Malware Bytes, Super Anti Spyware etc.
    >
    >
    > Best
    > Paul.
    >
    Gordon, Jul 26, 2009
    #3
  4. Boppy

    Boppy Guest

    Thanks for replying, guys.

    My laptop crashed last week after installing SP1 and Vista was
    reinstalled on a whole new hard drive. It was not reconnected to the
    wireless network until the password was set (I was alerted to the lack
    of password when I was let straight in and fixed it immediately). So
    if anyone was hacking into my laptop previously, presumably they no
    longer can - wireless is installed up on my desktop and the leeching
    seemed to be happening even when the desktop was turned off but the
    laptop was.

    I've stopped the p2psvc in services.

    I have Eset NOD antivirus that was installed by the tech who put in
    the new hard drive and reinstalled Vista.

    Jo
    Boppy, Jul 26, 2009
    #4
  5. Boppy

    PeeCee Guest

    "Boppy" <> wrote in message
    news:...
    > Thanks for replying, guys.
    >
    > My laptop crashed last week after installing SP1 and Vista was
    > reinstalled on a whole new hard drive. It was not reconnected to the
    > wireless network until the password was set (I was alerted to the lack
    > of password when I was let straight in and fixed it immediately). So
    > if anyone was hacking into my laptop previously, presumably they no
    > longer can - wireless is installed up on my desktop and the leeching
    > seemed to be happening even when the desktop was turned off but the
    > laptop was.
    >
    > I've stopped the p2psvc in services.
    >
    > I have Eset NOD antivirus that was installed by the tech who put in
    > the new hard drive and reinstalled Vista.
    >
    > Jo




    Jo

    You don't make it clear if you reset your Wireless / Router/ Modem or not.
    If you only entered a password and carried on then I would implore you to
    reset the modem.
    Or if you are frightened of losing your connection settings, at least leave
    the thing off for 12- 24 hours.
    This will force the pirate accessing your Wireless to relogon, only now he
    won't have the password.

    I based my comments on a case I had a few months ago.
    I can assure you just setting the password on the Wireless Access point was
    'not' enough to stop the leeching.
    In the 3 days following the Wireless password being set another 6GB of data
    was uploaded.

    The PC and Laptop were clean and either off or packet logging showed they
    were not the source of the data.
    (one PC had to be left on unfortunately)
    In the end we went the reset route and the ISP's tech told us the uploading
    stopped instantly after we reset the Wireless / Router / modem and changed
    all the passwords.

    Best
    Paul.
    PeeCee, Jul 26, 2009
    #5
  6. Boppy

    Carnations Guest

    On Sun, 26 Jul 2009 23:19:25 +1200, PeeCee wrote:

    > In the end we went the reset route and the ISP's tech told us the
    > uploading stopped instantly after we reset the Wireless / Router / modem
    > and changed all the passwords.


    Interesting that the router was the compromised device.


    --
    "Filtering the Internet is like trying to boil the ocean"
    Carnations, Aug 3, 2009
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Beck

    skype broadband usage?

    Beck, Apr 22, 2006, in forum: UK VOIP
    Replies:
    26
    Views:
    11,679
    Andy Furniss
    Apr 26, 2006
  2. Russell Smithies

    Xtra JetStream usage calculator is misleading

    Russell Smithies, Sep 29, 2003, in forum: NZ Computing
    Replies:
    5
    Views:
    488
    Biggles
    Sep 29, 2003
  3. Harry

    Xtra Usage Meter Numbers Transposed

    Harry, Jul 21, 2004, in forum: NZ Computing
    Replies:
    3
    Views:
    414
    Harry
    Jul 22, 2004
  4. Mrs Beeble Brock

    Xtra Usage Meter

    Mrs Beeble Brock, Oct 25, 2004, in forum: NZ Computing
    Replies:
    8
    Views:
    873
    Dave - Dave.net.nz
    Oct 25, 2004
  5. Andrew

    xtra broadband usage meter

    Andrew, Dec 15, 2005, in forum: NZ Computing
    Replies:
    4
    Views:
    7,164
    Squirrel
    Dec 17, 2005
Loading...

Share This Page