I have a virtual machine hosted by Hyper-V, in a physical server provided by Hetzner.

The physical server has Windows 2008 R2 Server, and the virtual machine has Windows 7 Pro 32-bit.

The virtual machine is running IIS and is accessible from outside via a dedicated IP.

My traffic is monitored by Hetzner, and sometimes I receive a notification for a huge spike in outgoing traffic (for the VM's IP), like 2 or 3 GB in an hour. But this is a test machine, and only a few people know about it.

There is absolutely no demand that justifies this volume of data transfer.

Using TCPView from Sysinternals, running on the VM, I don't see any suspicious connection.

Can the traffic be caused by a process not listed in TCPView?

pvieira

1 Answer

When they tell you that you have a spike of outgoing traffic, run the Windows 7 Resource Monitor (using perfmon.exe) and go to the tab called Network.

There you can sort your processes by sent bytes per second and see what is sending that traffic. Regards

Ricardo Polo Jaramillo
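Because the spike is usually reported after it has ended, the following added example (not part of the answer above) watches the outbound rate continuously and, when it crosses a threshold, logs which process owns each open connection. The threshold, interval and log path are assumed values, the counter name assumes an English-language Windows install, and the script sticks to PowerShell 2.0 syntax as shipped with Windows 7.

```powershell
# Added example: snapshot connection owners whenever outbound traffic is high.
# Assumed values below; adjust to the environment.
$ThresholdBytesPerSec = 500KB              # assumed trigger, roughly 1.8 GB/hour if sustained
$IntervalSec          = 10                 # averaging window per sample
$LogFile              = 'C:\netspike.log'  # hypothetical log path

while ($true) {
    # Average outbound rate over the interval, summed across all interfaces
    $sample = Get-Counter -Counter '\Network Interface(*)\Bytes Sent/sec' `
                          -SampleInterval $IntervalSec -MaxSamples 1
    $sent = ($sample.CounterSamples |
             Measure-Object -Property CookedValue -Sum).Sum

    if ($sent -ge $ThresholdBytesPerSec) {
        $stamp = Get-Date -Format 'yyyy-MM-dd HH:mm:ss'
        Add-Content $LogFile ("=== {0}  outbound {1:N0} bytes/sec ===" -f $stamp, $sent)

        # netstat -ano columns: Proto, Local, Remote, [State], PID
        # (UDP rows have no State column, so the PID is always the last field)
        netstat -ano | Where-Object { $_ -match '^\s*(TCP|UDP)\s' } | ForEach-Object {
            $f      = $_.Trim() -split '\s+'
            $procId = [int]$f[-1]

            $state = ''
            if ($f.Count -eq 5) { $state = $f[3] }

            # The process may have exited between netstat and this lookup
            $name = 'unknown'
            $proc = Get-Process -Id $procId -ErrorAction SilentlyContinue
            if ($proc) { $name = $proc.ProcessName }

            Add-Content $LogFile ("{0,-4} {1,-24} {2,-24} {3,-12} PID {4,-6} {5}" -f `
                $f[0], $f[1], $f[2], $state, $procId, $name)
        }
    }
}
```

The log shows who held connections during the spike, not bytes per process, so it complements the Resource Monitor view rather than replacing it. Connections served by IIS appear under PID 4 (System) because HTTP.sys handles them in the kernel; for those, the IIS access logs for the same timestamp identify the requests.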