This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Increasing concurrent connections

My system is showing unusual high and increasing concurrent connections, despite low traffic. See attached screenshot.

How can I identify and block that traffic?



This thread was automatically locked due to age.
Parents
  • I prefer to use iftop for real time traffic. The options listed below (above?) can be a bit delayed.  You will have to log into the console to run it. Press "?" for more options when running.

    If you want ipv6 support, iftop will need to be updated (not supported).  See this thread for more info.  I used option 2 to update mine.

    community.sophos.com/.../iftop-for-ipv6

    Note, iftop shows connections and throughput speed for that client/host. The numbers are aggregated, whether its a single connection or dozens.

    It might also be helpful to go to logging,network usage, bandwidth usage. Then sort by "Conn" in descending order.

  • UTM has so many "easter eggs" in the logging section that the OP should be able to find out exactly what's hogging his network I hope it works for him.

  • Thanks for your replies. I have increased the Intrusion Prevention settings and the connection dropped. 

  • That's odd. are you getting any IPS alerts? What did you increase to stop the connections?

    Something you can so do is go to Logging & Reporting and create an Executive Report for the last week or month which will list all your top clients/servers/applications and more, and tell you what users has been using the most bandwidth and what services.

Reply
  • That's odd. are you getting any IPS alerts? What did you increase to stop the connections?

    Something you can so do is go to Logging & Reporting and create an Executive Report for the last week or month which will list all your top clients/servers/applications and more, and tell you what users has been using the most bandwidth and what services.

Children
No Data