Re: some attack to fedora machine .

On Thu, Apr 10, 2008 at 12:12 PM, subhodip biswas
<subhodip@xxxxxxxxxxxxxxxxx> wrote:
> hi !
>  I am using a DSL net provided by my local cable operator . I am on a
>  limited bandwidth connection which allows only a gig of data transfer.
>  Now though my provider allows windows only client support , I am
>  connecting to it via system-config-network --> xdsl connection .
>  problem is whenever i connect the net something is doing terrible
>  amount of upload from my machine (both windows & linux) .
>  Windows boot time scan reveals a trojan . But can't figure out what is
>  doing that amount of upload from  my fedora 8 machine .
>
>  any ideas , any issues before .. need help urgently
>  ps . I have SELinux permissive and firewall enabled .
>
>  --
>  Regards
>  Subhodip Biswas
>
Did you try running netstat -an to see what ports were open or
Wireshark to monitor the network traffic?  Odds are you'd have an open
port to some remote IP relating to that traffic.  And as suggested by
Harald if you are running a P2P or bittorrent application (didn't
realize Skype also could cause that) then that could certainly be the
source of your excessive upload bandwidth.  The other possibility is
if your system is owned by someone on the other end of that trojan
that they could have gone into your Linux partition and messed around
with that to own that also when you boot up.  It would require a much
more sophisticated hacker (and that's assuming that someone owns the
box - presence of a trojan does not automatically mean you are
compromised as the trojan must have capabilities that would allow
someone remote access, it would have to start up automatically at boot
time, and would have to punch a hole going out of your system).

I gather you cleaned the trojan off the Windows box after it was
found.  Are you still having a problem with Windows producing
excessive upload bandwidth?  If so is there an application that you
run on both of those (as was mentioned - Skype, torrent or P2P)?
Might be your culprit.

Jacques B.
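
Added example, not part of Jacques B.'s message: one way to act on the netstat suggestion above is to reduce a connection listing to the programs that hold established TCP connections to non-private IPv4 peers. The sample listing is constructed (documentation address ranges, made-up PIDs and program names), and the function names sample_netstat and remote_talkers are hypothetical.

```shell
#!/bin/sh
# Constructed sample in the layout printed by `netstat -tanp` (net-tools).
# Addresses, PIDs and program names are invented for illustration.
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1801/sshd
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      1755/cupsd
tcp        0      0 127.0.0.1:47012         127.0.0.1:631           ESTABLISHED 2650/firefox
tcp        0  48212 192.168.1.10:51413      203.0.113.7:6881        ESTABLISHED 2710/transmission
tcp        0  51200 192.168.1.10:51413      198.51.100.23:51413     ESTABLISHED 2710/transmission
tcp        0      0 192.168.1.10:40022      192.168.1.1:80          ESTABLISHED 2650/firefox
tcp        0   9120 192.168.1.10:33960      203.0.113.99:8080       ESTABLISHED -
EOF
}

# Reads netstat-style lines on stdin and prints one line per program:
#   <program> <established connections to non-private peers> <sum of Send-Q>
# sorted by Send-Q, largest first. IPv4 only (tcp6 lines are ignored).
remote_talkers() {
    awk '
    $1 == "tcp" && $6 == "ESTABLISHED" {
        peer = $5
        sub(/:[0-9]+$/, "", peer)                 # drop the port
        # Skip loopback and RFC 1918 peers: they are not Internet upload.
        if (peer ~ /^127\./ || peer ~ /^10\./ || peer ~ /^192\.168\./ ||
            peer ~ /^172\.(1[6-9]|2[0-9]|3[01])\./) next
        prog = $7
        if (prog == "-" || prog == "") prog = "unknown"   # owner not visible
        sub(/^[0-9]+\//, "", prog)                # "2710/name" becomes "name"
        conns[prog]++
        sendq[prog] += $3
    }
    END { for (p in conns) printf "%s %d %d\n", p, conns[p], sendq[p] }
    ' | sort -k3,3nr
}

# Stand-alone run against the constructed sample.
sample_netstat | remote_talkers
```

On a live system, run `netstat -tanp | remote_talkers` as root so the PID/Program name column is populated for every socket. Send-Q is a snapshot of outbound bytes not yet acknowledged, not a transfer total, so repeat the listing a few times before drawing conclusions.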

