Results 1 to 4 of 4
  1. #1

    understanding netstat, and where to fnd detailed bandwidth usage

    hey guys

    my server is currently experiencing high bandwidth usage causing higher loads, so.....

    where can i find what exactly is using all the bandwidth? techs looked at the logs and pointed out some ip's using like 300mb in one day but that doesn't account for the usage which is in the dozens of gbs per day

    it has spiked from below 1gb a day to 10gb+ a day

    is there anywhere else other than the logs to look?

    just looking at netstat and could someone give me an idea of what

    imply? i ofcourse assume established means a connection has been established, but in what way? does that mean someone is logged into the server or could it just be a friend logged into his ftp account on the server? i noticed my useragent and quite rightly had ssh established next to it, as i was connected with putty.

    and what about send-q, i noticed some had a really high value for this?


  2. #2
    just looked at "top" quickly and i seem to be getting loads of defunct httpd with user nobody, what would cause that? if it's even an issue or sign of anything at all

  3. #3
    Join Date
    Jan 2004
    In general, the http server (apache normally) is run by the user nobody in order to provide some security versus running it as root, this is normal and nothing to be alarmed about. Also, you generally have one httpd process for each person currently looking at your site (or any site on that server served by apache). Hope that helps a little.
    James Lumby

  4. #4

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts