My server is witnessing a sudden increase in traffic. Consistently there is 200 MB of outgoing traffic every hour. This is not my web traffic. I am running CentOS and am completely new to server administration. Can someone help me figure out what is causing the traffic? I tried everything possible (netstat, lsof, etc.) but couldn't really figure out what is causing this. Since my bandwidth is limited, this is causing a real headache. Any help on this front will be useful.
Is your firewall wide open, or are you only allowing certain ports through? – Rob C. Sep 24 '12 at 18:21
1 Answer
Tcpdump is indicated here. As root:
sudo tcpdump -i eth0 -w /tmp/weirdstuff.cap -s 1500 -c 5000
That'll create a file called /tmp/weirdstuff.cap. Sftp that down to your own workstation, and load that file into Wireshark. That should give you a solid hint about what's going on.

sysadmin1138
Thanks, I found the culprit. It is because of DNS flooding, as recursive queries were enabled. Now I have disabled it. Hope the problem is solved. – Thirukumaran Nagarajan Sep 25 '12 at 19:45
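
Added example (not part of the original answer or comments): when Wireshark is not at hand, the capture from the answer can be summarised on the server itself by ranking outbound bytes per local source port. The function names, the address 192.0.2.10 and the sample lines are constructed for illustration, and the parser assumes the one-line-per-packet IPv4 text that `tcpdump -nn -q` prints.

```shell
#!/bin/sh
# Rank outbound payload bytes in a capture by protocol and local source port.
# Expected input: text from `tcpdump -nn -q`, one packet per line, such as
#   12:00:01.000001 IP 192.0.2.10.53 > 198.51.100.7.40000: UDP, length 3000

outbound_by_port() {
    # $1 = this server's own IPv4 address (assumption: one address on eth0)
    awk -v me="$1" '
        $2 == "IP" && $NF ~ /^[0-9]+$/ {
            n = split($3, s, ".")            # source is a.b.c.d.port
            if (n != 5) next                 # no port field (ICMP and similar)
            ip = s[1] "." s[2] "." s[3] "." s[4]
            if (ip != me) next               # keep only what this host sends
            proto = tolower($6)              # "UDP," or "tcp" under -q
            sub(/,$/, "", proto)
            key = proto "/" s[5]
            bytes[key] += $NF                # last field is the payload length
            pkts[key]++
        }
        END { for (k in bytes) printf "%d %d %s\n", bytes[k], pkts[k], k }
    ' | sort -rn                             # largest sender first
}

# Constructed sample lines (not taken from a real capture).
sample_capture() {
    cat <<'EOF'
12:00:01.000001 IP 192.0.2.10.53 > 198.51.100.7.40000: UDP, length 3000
12:00:01.000002 IP 198.51.100.7.40000 > 192.0.2.10.53: UDP, length 40
12:00:01.000003 IP 192.0.2.10.53 > 198.51.100.8.40001: UDP, length 2900
12:00:01.000004 IP 192.0.2.10.80 > 203.0.113.5.51000: tcp 1448
12:00:01.000005 IP 203.0.113.5.51000 > 192.0.2.10.80: tcp 0
12:00:01.000006 ARP, Request who-has 192.0.2.1 tell 192.0.2.10, length 28
EOF
}

# Columns printed: bytes, packets, protocol/source-port
sample_capture | outbound_by_port 192.0.2.10
```

On the real capture, run `tcpdump -nn -q -r /tmp/weirdstuff.cap | outbound_by_port <server address>`; a resolver answering flood queries, as in the comment above, puts udp/53 at the top of the list.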