Traffic Analyzer Statistics

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Preskitt.man

Regular Contributor
I've often looked at the Traffic Analyzer Statistic page on my AC86U, but primarily for All Clients over various periods of time. Out of curiosity, I just narrowed that focus by client to look at my Galaxy S20 phone. Mostly what I saw was expected and unremarkable. But I did see some low volume traffic for apps such as Yahoo, Skype and Twitter. 30KB for example for Skype. Thing is, I don't even have those apps installed on my phone nor do I go there via the web browser. I am seeing these numbers on a daily basis. Very curious about these. Does anyone have any ideas?
 

Travelor

New Around Here
[email protected]
I do see some anomalies in the reporting on the STATISTIC page (TrafficAnalyzer_Statistic.asp). I am seeing WhatsApp showing up on a phone that my preteen son is using. I made the assumption that my son is on the cusp of being a teen and spreading his wings a little, though he does maintain his innocence. The APP isn't installed "now" but I do keep seeing his phone having some activity with the APP -
I haven't yet searched the forum yet for possible solutions, that's next, but I did want to chime in on your start of the the discussion.

My Network
400+MB WAN on Netgear CM11000
AX11000 with ASUSWRT-Merlin 386.3_2
 

Preskitt.man

Regular Contributor
Very curious - maybe it's just a feature of Android that it has some core elements that will check certain web services. I've got no other explanation. There is nothing on my network, phone or otherwise, that is talking to Twitter or Skype. The apps are not installed on my phone. Nor does my wife use those apps. And Traffic Analyzer definitely shows them coming from my phone. Not enough data to be useful for anything. But still there never the less
 

Travelor

New Around Here
It is a bit of a mystery, and I am not sure this is something Merlin development/support may have knowledge.
The reports appear to be generated through the TrendMicro engine/filter/monitor/system. As we are required to agree to the TrendMicro intrusion agreement. I rant the system thru a private DNS. Which only provides data when the DNS is hit with the domain request, which could easily be a cloudflare azure or aws domain which may not have any indication it's Skype Twitter or other messenge app or device.

As such I'm looking at the other reporting capabilities of Merlin to see if maybe TCPDUMP will help reveal more detail.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top