What's new

Traffic Analysis vs Statistics?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

F-4Phantom

Occasional Visitor
Asus RT-AC86u with Merlin 386.2_4

I have a wifi water heater which the Traffic Analysis statistics tab shows is using ~1MB every hour. over 24MB per day!

When I look at the realtime traffic, I don't see that much traffic going out. it looks like it uploads some packets every 60sec or so. Just a short spike of maybe 15kB or so.

I don't know which one to believe. Its the only device on my 2.4ghz band.

Statistics tab shows its uploading and downloading equal amounts. so for a 24hr period, say 12MB up & 12MB down.

Is that right? or is it calculating incorrectly?
 
Seems approximately correct. ~15KB per minute is almost 1MB per hour. Plus, overhead, plus variance, etc., close enough for me.

24MB per day isn't a lot though... depending on your ISP rates...
 
So does that mean I'm just being overly paranoid and it's not part of some botnet?

I guess it's just polling a server somewhere every 60s to see if any settings have changed or new commands issued?

Or its just sending state info every 60s?
 
~15kB x 60 x 24 = ~21.6MB. Add "or so" variable and the number is pretty close to 24MB/day. What's the question?
 
Thanks for the quick responses. I just saw the plot on the Statistics tab and it shows a constant 1MB. But I think I misinterpreted that as 1MB/sec. My error. I was getting freaked out that my water heater had been hacked.

But I think I'm now reassured it's normal traffic.
 
Of course, it's part of some botnet! The manufacturers'. You paid to have it in your home.

I don't allow such devices in my network.
 
I do at least have it on its own subnet!

I was trying to figure out how it got compromised thru the Asus AIProtection, forcing everything to use a DNS host that blocks malicious sites, Skynet, Diversion, and that I flat refuse connections from outside the US.
 
Statistics graph refreshes every hour. It's written on the tab and highlighted in yellow, but you missed to read it.
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top