Исходное сообщение
"Сервак ждёт траффик"
Отправлено Doctorrr, 09-Авг-06 19:02 
Всем привет.
Достался в наследтво сервак FreeBSD 5.4, он выполняет роли:
* Samba сервера
* тестового httpd сервера для разработчиков во внутренней сетке
* proxy сервера для внутренней сети(снаружи закрыт)

Недавно обнаружил, что он постоянно жрёт траффик, в т.ч.ночью, когда никого нет -- 5М исходящй + 10М входящий каждый час(количество довольно стабильно -- всегда примерно 5 IN и 10 OUT Мегабайт). Что делать, куда копать? Какие способы обнаружения такого траффика можно использовать?

На всякий случай привожу список установленного софта:
# pkg_info
apache-2.0.55       Version 2 of Apache web server with prefork MPM.
autoconf-2.13.000227_5 Automatically configure source code on many Un*x platforms
autoconf-2.59_2     Automatically configure source code on many Un*x platforms
bash-2.05b.007_4    The GNU Bourne Again Shell
bash-3.0.16_1       The GNU Project's Bourne Again SHell
bison-1.75_2        A parser generator from FSF, (mostly) compatible with Yacc
cups-base- The Common UNIX Printing System: headers, libs, & daemons
curl-7.15.0         Non-interactive tool to get files from FTP, GOPHER, HTTP(S)
cvsup-without-gui-16.1h_2 General network file distribution system optimized for CVS
expat-1.95.8        XML 1.0 parser written in C
ezm3-1.2            Easier, more portable Modula-3 distribution for building CV
fontconfig-2.2.3,1  An XML-based font configuration API for X Windows
freetype2-2.1.10_1  A free and portable TrueType font rendering engine
gd-2.0.33_3,1       A graphics library for fast creation of images
gettext-0.14.1      GNU gettext package
glib-1.2.10_11      Some useful routines of C programming (previous stable vers
glib-2.6.3_1        Some useful routines of C programming (current stable versi
gmake-3.80_2        GNU version of 'make' utility
gnutls-1.0.24_1     GNU Transport Layer Security library
gtk-1.2.10_13       Gimp Toolkit for X11 GUI (previous stable version)
help2man-1.35.1     Automatically generating simple manual pages from program o
imake-6.8.2         Imake and other utilities from X.Org
ipcad-3.6.3         IP accounting daemon with Cisco-like RSH and NetFlow export
isoqlog-2.2.1       A qmail, postfix, sendmail, exim MTA log analysis program
jpeg-6b_3           IJG's jpeg compression utilities
libgcrypt-1.2.1     "General purpose crypto library based on code used in GnuPG
libgpg-error-1.0_1  Common error values for all GnuPG components
libiconv-1.9.2_1    A character set conversion library
libslang-1.4.9      Routines for rapid alpha-numeric terminal applications deve
libtool-1.3.5_2     Generic shared library support script (version 1.3)
libtool-1.5.10_1    Generic shared library support script (version 1.5)
libxml2-2.6.18      XML parser library for GNOME
lynx-2.8.5          A non-graphical, text-based World-Wide Web client
lzo-1.08_1          Portable speedy, lossless data compression library
m4-1.4.1            GNU m4
mc-4.6.1_2          Midnight Commander, a free Norton Commander Clone
mod_php4-4.4.0,1    PHP Apache Module
moon-buggy-1.0      Drive a buggy across the moons surface
mysql-client-5.0.15 Multithreaded SQL database (client)
mysql-server-5.0.15 Multithreaded SQL database (server)
nmap-3.93           Port scanning utility for large networks
nologinmsg-1.0      More functional native binary replacement for /sbin/nologin
openvpn-2.0.2_1     Secure IP/Ethernet tunnel daemon
p5-DBI-1.48         The perl5 Database Interface.  Required for DBD::* modules
p5-gettext-1.03     Message handling functions
pcre-6.4            Perl Compatible Regular Expressions library
perl-5.8.6_2        Practical Extraction and Report Language
php4-mbstring-4.4.0 The mbstring shared extension for php
php4-mysql-4.4.0    The mysql shared extension for php
php4-pcre-4.4.0     The pcre shared extension for php
php4-session-4.4.0  The session shared extension for php
pkgconfig-0.15.0_1  A utility used to retrieve information about installed libr
png-1.2.8_1         Library for manipulating PNG images
popt-1.7            A getopt(3) like library with a number of enhancements, fro
portupgrade-20041226_2 FreeBSD ports/packages administration and management tool s
proftpd-1.3.0.r2_3  Highly configurable ftp daemon
racoon-20050510a    KAME racoon IKE daemon
ruby-1.8.2_3        An object-oriented interpreted scripting language
ruby18-bdb1-0.2.2   Ruby interface to Berkeley DB revision 1.8x with full featu
samba-2.2.12        A free SMB and CIFS client and server for UNIX
sarg-2.0.9          Squid log analyzer and HTML report generator
screen-4.0.2_1      A multi-screen window manager
sniffit-0.3.7b_2    A packet sniffer program.  For educational use
squid-2.5.11_1      The successful WWW proxy cache and accelerator
sudo-        Allow others to run commands as root
tiff-3.7.1_2        Tools and library routines for working with TIFF images
unzip-5.52_2        List, test and extract compressed files in a ZIP archive
vim-6.4.0           Vi "workalike", with many additional features
vtun-2.6            Virtual Tunnels over TCP/IP networks with traffic shaping
webalizer-2.1.10_5  A web server log file analysis program
wget-1.10.2         Retrieve files from the Net via HTTP and FTP
xorg-libraries-6.8.2 X11 libraries and headers from X.Org

Пожалуйста, посоветуйте способ, интернет траффик платный %(


