Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 27 subscribers
  • Views 1658 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Worried - my XG firewall has been pegging my 3Mb DSL line for over 24 hours

KenCornetet

Starting over 24 hours ago, my XG firewall has my 3Mb/sec DSL line pegged downloading. The firewall itself is downloading. I've confirmed that it is not an inside host causig the traffic by monitoring the traffic on the LAN switch port that XG is connected to, the XG inside and outside interfaces, and by XG graphs - all ow which show 3Mb on the WAN interface, but almost nothing on the LAN side.

 

I've done a packet capture and can see the IP address XG is downloading from: 13.33.126.23 which resolves to server-13-33-126-23.ord50.r.cloudfront.net.

 

I'd like to think that this is just XG doing some sort of updates, but I can't believe it would be using this much data. Has my XG been hacked? I don't allow any management access from the outside interface.



This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to rfcat_vk

    I don't see any unusual messages in the system log. But this does sound possible. I've noticed that the traffic runs at a constant 3Mb for about 90 minutes, then drops off for a few minutes, then picks back up again. That does sound like some kind of retry

     

    How would I troubleshoot this?

Children
No Data