Unexplained wireless traffic on new laptop

[Mike Lewis]

Not sure if this is the best forum for this question. If not, my apologies.

I've just bought a new laptop (HP ProBook, running XP Professional).

I immediately installed an AV program (AVG) and a firewall (ZoneAlarms). I enabled wireless networking, but haven't installed any other software.

I immediately noticed that the machine was constantly sending and receiving data over the network, even when no apps were running. The evidence for this is that the ZoneAlarms "traffic indicator" is constantly flashing, plus the network status window shows an increasing number of packets received and sent.

I'm pretty sure there's nothing running in the background that be causing this. The Task Manager shows a system idle process of about 99%. I see the same behaviour even if every other machine on the network is turned off.

Can anyone throw any light on this? Should I be worried?

Thanks in advance.

Mike


__________________________________
Mike Lewis (Edinburgh, Scotland)

Visual FoxPro tips, advice, training, consultancy
Custom software for your business

 

[BadBigBen]

should I be worried? - Probably NOT...

it is not uncommon, actually it is normal, that the wireless driver and windows own networking services communicate with the AP, this is to ensure that there is connection, and it does this once in a while by sending packets to and from the AP...

Unlike a wired Ethernet, and like most packet radios, Wi-Fi cannot detect collisions, and instead uses an acknowledgment packet for every data packet sent. If a sender receives no acknowledgement within a certain time, the sender retransmits the corresponding packet. Also, a medium reservation protocol can be used when excessive collisions are experienced or expected (request-to-send and clear-to-send used for collision avoidance or CA) in an attempt to avoid collisions.

source: Wikipedia

Now, when no apps are running that need Internet/Network access at all, and the packets received and transmitted are more frequent (and close in number to that when you call up a website in your browser) then, and only then should you be really worried... in my opinion that is...



Ben
"If it works don't fix it! If it doesn't use a sledgehammer..."
How to ask a question, when posting them to a professional forum.
Only ask questions with yes/no answers if you want "yes" or "no"

 

[kmcferrin]

You might want to check and see what protocols are in use on your network. If you have NetBIOS enabled (which may be automatically enabled if you turn on file/printer sharing) then your computer will periodically send broadcasts.

________________________________________
CompTIA A+, Network+, Server+, Security+
MCTS:Windows 7
MCTS:Hyper-V
MCTS:System Center Virtual Machine Manager
MCSE:Security 2003
MCITP:Enterprise Administrator

 

[Mike Lewis]

Thanks to both of your for your replies.

Ben, you say "when no apps are running that need Internet/Network access at all, and the packets received and transmitted are more frequent (and close in number to that when you call up a website in your browser) then, and only then should you be really worried".

Well, that is the case. Right now, there are no apps running at all. I've temporarily turned off Windows update, AVG update, etc. I can't see anything running in the Task Manager. And yet the packets are coming and going very quickly.

And the rate seems to be about the same as when I am using the browser. It's difficult to time it exactly, but I'm seeing maybe 20 or 30 packets going in each direction every second. So, it's more than an occasional acknowledgement.

Kmcferrin, I don't have NetBIOS enabled (nor file/printer sharing).

So, from what you both say, it sounds like this isn't normal. Could it be some sort of security threat? And if so, what can I do about it?

Mike


__________________________________
Mike Lewis (Edinburgh, Scotland)

Visual FoxPro tips, advice, training, consultancy
Custom software for your business

 

[dberg35]

This is getting very confusing for you I see so here it is simple. As long as your PC is connected to the wirless router there will be traffic because this is to maintain connection to the router. If you have virus and firewall software running and are not going to bad site you will be fine. Basically no need to worry.

 

[Noway2]

Your PC will periodically send out network traffic and this is normal. It is part of the window's networking and it is used to perform various functions, such as host announcements, workgroup identification announcements, etc. These broadcasts will happen after all of the initial startup has been completed. This is data that will be broadcast by the PC to your local lan and whatever device(s) it is connected to.

I doubt if you have to worry about things attempting to "phone home" and your zone alarm should catch this if anything does.

 

[BadBigBen]

Mike, as the two previous members stated, it is normal that packets get send back and forth, to upkeep the connection...

you have to remember, that the radio frequencies overlap, and that there are other wireless apparatuses in the area will also send packets, and just like a radio, yours will receive these as well (these are dropped by your NIC)...

Ben
"If it works don't fix it! If it doesn't use a sledgehammer..."
How to ask a question, when posting them to a professional forum.
Only ask questions with yes/no answers if you want "yes" or "no"

 

[Mike Lewis]

Thank you all for your replies. You have set my mind at rest. I will stop worrying about this, and get on with using the laptop.

Mike


__________________________________
Mike Lewis (Edinburgh, Scotland)

Visual FoxPro tips, advice, training, consultancy
Custom software for your business