Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 0 replies
  • Subscribers 4 subscribers
  • Views 381 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Massive download in up2date.

rMI

In the last weeks i have had a massive spike in usage on a UTM with v. 9.711-5 - The wan interface has received 1 TB from just one IP.
What is very different with this behavior was the the traffic was not originated from or to any networks. Both firewalls in hthe a has been restarted to no affect.

I created a tcpdump from the active UTM to investigate and found out that it was  a104-121-237-248.deploy.static.akamaitechnologies.com (104.121.237.248) causing the massive download and they are related to sophos up2date.

i then disabled auto download of up2date, to discover that the traffic just stopped.

"audld.plx –trigger–verbose" says no packages but the interface on the UTM does not Agree it says

Current pattern version: 209466
Latest available pattern version: 209468

Does anyone have a clue what is wrong ? :) 



This thread was automatically locked due to age.
Unfiltered HTML