Guest User!

You are not Sophos Staff.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Weird jump in concurrent connections

Sorry if this isn't the place to post this, it wasn't quite clear where an issue like this would fall into the way the forums are broken up.

Anyway, about 2 weeks ago I noticed that the concurrent connections went from a bare minimum to over 200 on average. 

It hasn't gone below two hundred during the last two weeks and I have no idea why.  Is there any way to see the current connections and trace them back to their originating computer(s) on the network?  I've done a cursory look on the computers on my network and I can't find anything, so it would be nice to know where to focus my efforts.

Note: The images are the week before the jump, the week of the jump and the week after the jump.

Thanks.
-Bob


This thread was automatically locked due to age.
Parents Reply
  • Ok, sorry to raise a dead horse, but I'm curious...

    Using the command:
    grep ^tcp /proc/net/ip_conntrack | awk '{print $4}' | sort | uniq -c
    at my command prompt, I typically get a result like:

    13 ESTABLISHED
    250 TIME_WAIT


    Is this normal?
Children
No Data