I can think of a few things, in addition to those mentioned above:
Most common things I can think of are windows protocols for making networked
life "easier" :-( Printer discovery and other net routines that run all the
dang time whether you have a need or not. Apple's printer detection routines
have been widely adopted. MS themselves add routines for determining routing
or announcing your machine or its resources, often still active even if you
have nothing to announce or share. Most, if not all, can be safely shut
down.
If it's periodic, mostly short bursts of disk activity closely coupled with
short bursts of modem activity you're observing, it could be "normal network
housekeeping"--your ISP asking "You still there?" and your PC answering
"Yep".
Longer inbound modem activity mostly without disk activity - network probes
and infection attempts. I've seen new,
never-before-on-the-Internet-in-any-way machines be infected in as little as
5 seconds when connected without proper protection. That doesn't meant that
the black-hats quit trying just because you *do* have protection.
Mid-length disk activity, mostly unaccompanied by simultaneous modem
activity - cache writes to disk.
Long bursts of disk activity, again mostly without much modem activity, if
any - Windows "housekeeping" of various kinds, mostly benign.
If you truly want to know *precisely* what's going on, and what you're
mostly interested in is what's on the wire, try downloading Wireshark:
http://www.wireshark.org/
Be prepared to learn protocol analysis if you do :-) but even rudimentary
knowledge easily gained can bear fruit.
--
_________________________________________________________________
Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
Archives: http://lists.thomasclausen.net/mailman/private/olympus/
Themed Olympus Photo Exhibition: http://www.tope.nl/
|