Working in network, it is necessary to monitor the consumed traffic, its any noticeable deviation from the expected value can indicate problems with safety. Observation of traffic and network connections will allow to avoid illegal connections to your computer.
Instruction
1. Users of the Windows operating system can always control network activity on a connection icon in a tray. In correctly customized system this indicator "comes to life" only when you open some page. If you do not open new pages, and in your system there is no update of the antivirus software or operating system, the icon of connection should show zero activity.
2. It is easy to learn the volume of the consumed traffic in properties of connection. Guide the cursor at the indicator of network activity in a tray enough, and you will see the volume of the accepted and transferred data during the current session. To view this information in more detail, click an icon with the right mouse button and select the Status item in the menu.
3. If you use the USB modem and are connected to the Internet through the program installed by the modem, you can look in it at statistics of the consumed traffic in a day, week, month, year. Statistics at any time it is possible to reset and reckon again.
4. If the network activity of the computer is very spontaneous and depends on you a little, it is necessary to understand the reasons of it. Understand to what addresses the computer what programs are responsible for these connections what volume of traffic they consume connects. The unclear activity can demonstrate computer hacking or infection with its Trojan programs.
5. Look at the current connections. For this purpose open the command line: "Start-up" - "All programs" - "Standard" - "Command line" also enter the netstat command – aon. Click Enter, you will see the table with data on network connections. If at present your computer has connection with other machine, you will see its ip in the graph "Foreign address". The status of active connection will be defined as ESTABLISHED.
6. You can try to define what program is connected to network, will help you with it the last column – PID. In it identifiers of processes are specified. Make the tasklist team in the same window, you will see the process table. In the first column their names, in the second – identifiers (PID) will be specified. Having compared identifiers from both tables, you easily will understand what program shows network activity.
7. If during search the traffic continued to be consumed actively, try to turn off suspicious processes in turn. To turn off process, use a command: taskkill/pid **** where instead of asterisks insert PID of the process which is subject to closing. For test start "Notepad", again enter the tasklist command – that "Notepad" appeared in the process list. Find its process – notepad.exe and close by means of the command given above.
8. In studying traffic specialized programs – for example can greatly help, to BWmeter. By means of this utility you will be able to trace all addresses to which your computer connects. All information can be written to the log for the subsequent analysis.