Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Forums2degrees (including Slingshot, Orcon, Flip, Stuff Fibre, MyRepublic, 2talk and Vocus)Crazy high data usage for no reason, any ideas?
Viscery

18 posts

Geek


#139542 12-Feb-2014 12:49
Send private message

Hi all

As stated in the title, on my orcon bill it says I've gone over my data cap and quite dramatically. I'm not sure how this is possible when in previous months I fail to even use 50% of my 200gb cap let alone the 400gb that orcon state I have used in the previous 30 days. Has anyone else experienced this or has any idea what I can do? I obviously have a password on my wifi and a password on my router itself and there are only two computers in my house that are connected to the internet.

I've attached a picture of my usage from the orcon website if that helps at all.



Thanks in advance 
Shalen

Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3
andrewNZ
2487 posts

Uber Geek
Inactive user


  #985019 12-Feb-2014 12:56
Send private message

What is the structure of your household? Kids, students?
What type of security does your wireless use?

I'd bet it's torrenting.



Viscery

18 posts

Geek


  #985023 12-Feb-2014 13:00
Send private message

Hi, thanks for your reply.

My household is comprised of two people; myself a student and my mother.

I doubt she knows how to use torrents and I know I haven't been downloading torrents in the past month since I've been working.
I think my wifi security is WPA2, I've currently turned off the wifi to see if someone else has been using the internet outside my house who somehow knows the password.

Jas777
838 posts

Ultimate Geek


  #985027 12-Feb-2014 13:11
Send private message

Maybe someone has developed a programme to say they are you even though they are not and are using your internet data without your permission as the rightful owner of said cap?




FlameBeard
344 posts

Ultimate Geek

Trusted

  #985044 12-Feb-2014 13:36
Send private message

Can you PM me your username please>?




4th gen i7 Haswell 4770k, G.SKILL RipjawsX 16GB (4x4 Gb) DDR3 2400MHz, x1 GTS 460, Intel 180Gb 530 Series SSD, x1 Seagate 1Tb HDD, x1 Seagate 2Tb HDD, Modular 850w PSU, R.O.G. Maximus VII Formula mobo, Cooler Master Storm Trooper Chassis, Cooler Master V8 CPU cooler

"Five exclamation marks, the sure sign of an insane mind." - Terry Pratchett

No longer work for Orcon

Viscery

18 posts

Geek


  #985052 12-Feb-2014 13:43
Send private message

PM'd you FlameBeard

FlameBeard
344 posts

Ultimate Geek

Trusted

  #985095 12-Feb-2014 14:09
Send private message

Cheers for that, so of the two users, which I am guessing you mean you are a student living in the residence and your mother, can you account for the nine different devices which have a DHCP lease in the DHCP pool on the router, which have connected in the last four days since it was rebooted?

I'm seeing two PC's and two android phones, the others though I would have to perform an OUI look-up to ascertain what vendor they belong to.

If you cannot account for them, then your wireless has been breached and I would highly recommend changing the password.
Three of the devices are wired in via Ethernet and six of them are wireless devices.

Edit: Spelling (everytime without fail)




4th gen i7 Haswell 4770k, G.SKILL RipjawsX 16GB (4x4 Gb) DDR3 2400MHz, x1 GTS 460, Intel 180Gb 530 Series SSD, x1 Seagate 1Tb HDD, x1 Seagate 2Tb HDD, Modular 850w PSU, R.O.G. Maximus VII Formula mobo, Cooler Master Storm Trooper Chassis, Cooler Master V8 CPU cooler

"Five exclamation marks, the sure sign of an insane mind." - Terry Pratchett

No longer work for Orcon

sbiddle
30853 posts

Uber Geek

Retired Mod
Trusted
Biddle Corp
Lifetime subscriber

  #985096 12-Feb-2014 14:10
Send private message

Do you have your router firewall enabled? It's hard to tell what's upstream and what is downstream on that list but if it's upstream you're probably a DNS or NTP bot.

DNS and NTP amplification attacks are absolutely out of control at present.

 
 
 
 

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.
FlameBeard
344 posts

Ultimate Geek

Trusted

  #985099 12-Feb-2014 14:12
Send private message

sbiddle: Do you have your router firewall enabled? It's hard to tell what's upstream and what is downstream on that list but if it's upstream you're probably a DNS or NTP bot.

DNS and NTP amplification attacks are absolutely out of control at present.


No the user has disabled this from the factory default. (remote access is lovely)




4th gen i7 Haswell 4770k, G.SKILL RipjawsX 16GB (4x4 Gb) DDR3 2400MHz, x1 GTS 460, Intel 180Gb 530 Series SSD, x1 Seagate 1Tb HDD, x1 Seagate 2Tb HDD, Modular 850w PSU, R.O.G. Maximus VII Formula mobo, Cooler Master Storm Trooper Chassis, Cooler Master V8 CPU cooler

"Five exclamation marks, the sure sign of an insane mind." - Terry Pratchett

No longer work for Orcon

Viscery

18 posts

Geek


  #985100 12-Feb-2014 14:13
Send private message

Theres my own computer, two laptops, my phone, my mums two phones, our wireless printer and our tv which has wireless. Those are all the devices I can account for.

ubergeeknz
3344 posts

Uber Geek

Trusted
Vocus

  #985102 12-Feb-2014 14:14
Send private message

FlameBeard:
sbiddle: Do you have your router firewall enabled? It's hard to tell what's upstream and what is downstream on that list but if it's upstream you're probably a DNS or NTP bot.

DNS and NTP amplification attacks are absolutely out of control at present.


No the user has disabled this from the factory default. (remote access is lovely)


That will almost certainly be the problem.  Folks please don't disable your routers' firewalls, they are there for a reason :/

FlameBeard
344 posts

Ultimate Geek

Trusted

  #985103 12-Feb-2014 14:16
Send private message

Viscery: Theres my own computer, two laptops, my phone, my mums two phones, our wireless printer and our tv which has wireless. Those are all the devices I can account for.


so now from your original post of two computers, you now have three computers connected to the internet, and three phones. I only mention this as updates on these devices can cause unaccounted for usage.
That coupled with the fact your firewall has been disabled, I suspect my friend you're being DDoS'd or some other form of attack

Edit: clarification





4th gen i7 Haswell 4770k, G.SKILL RipjawsX 16GB (4x4 Gb) DDR3 2400MHz, x1 GTS 460, Intel 180Gb 530 Series SSD, x1 Seagate 1Tb HDD, x1 Seagate 2Tb HDD, Modular 850w PSU, R.O.G. Maximus VII Formula mobo, Cooler Master Storm Trooper Chassis, Cooler Master V8 CPU cooler

"Five exclamation marks, the sure sign of an insane mind." - Terry Pratchett

No longer work for Orcon

Viscery

18 posts

Geek


  #985104 12-Feb-2014 14:17
Send private message

Yes sorry, I forgot to include her work laptop and phone

Viscery

18 posts

Geek


  #985107 12-Feb-2014 14:20
Send private message

I've turned the firewall back on now, is there anything else that I could do?

FlameBeard
344 posts

Ultimate Geek

Trusted

  #985114 12-Feb-2014 14:25
Send private message

I've checked the usage for your account too, the last seven days of your billing cycle, your connection downloaded total of (upload+download) 311.66Gb of data, give or take a GB or two

That is a steady increase from the 4gb total per day average.




4th gen i7 Haswell 4770k, G.SKILL RipjawsX 16GB (4x4 Gb) DDR3 2400MHz, x1 GTS 460, Intel 180Gb 530 Series SSD, x1 Seagate 1Tb HDD, x1 Seagate 2Tb HDD, Modular 850w PSU, R.O.G. Maximus VII Formula mobo, Cooler Master Storm Trooper Chassis, Cooler Master V8 CPU cooler

"Five exclamation marks, the sure sign of an insane mind." - Terry Pratchett

No longer work for Orcon

FlameBeard
344 posts

Ultimate Geek

Trusted

  #985119 12-Feb-2014 14:31
Send private message

Viscery: I've turned the firewall back on now, is there anything else that I could do?


Change SSID and password would be my first port of call. I can do this for you if you want to PM me something you would like them changed to. Keeping in mind though that you will need to re-add the printer in my experience on the PC's (assuming they're running windows)

If you really wanted to get crazy to ensure nothing got on without your say so, you could statically assign every device on your home network from a different subnet range than default, then disable DHCP. That way, even if they breach your SSID, they're not going to get an IP address nor can they allocate one should they be exceptionally knowledgeable on how Orcon's modems assign IP's.

Depends how crazy you want to go




4th gen i7 Haswell 4770k, G.SKILL RipjawsX 16GB (4x4 Gb) DDR3 2400MHz, x1 GTS 460, Intel 180Gb 530 Series SSD, x1 Seagate 1Tb HDD, x1 Seagate 2Tb HDD, Modular 850w PSU, R.O.G. Maximus VII Formula mobo, Cooler Master Storm Trooper Chassis, Cooler Master V8 CPU cooler

"Five exclamation marks, the sure sign of an insane mind." - Terry Pratchett

No longer work for Orcon

 1 | 2 | 3
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00

eero Pro 7 Review
Posted 23-Jul-2025 12:07

BeeStation Plus Review
Posted 21-Jul-2025 14:21

eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01

WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32

RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26

Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24

Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05

Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01

Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01

Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22

Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46

Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42

D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34

Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.







RSS feeds
Main feed
Forums feed
Copyright
©2002-2025 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Affiliate links
Samsung
AliExpress
Wise
Sharesies
GoodSync
Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright