Hughesnet Community

Data is leaving! Trying to catch culprit!

cancel
Showing results for 
Search instead for 
Did you mean: 
Lab-Lover
New Member

Data is leaving! Trying to catch culprit!

I got home last night from Miami. My husband and I went to bed at 11:15pm. (Together) we both woke up, and I turned on the computer at 730am. I document my data twice a day currently. So, when I went to bed at 11:15pm, the Anytime Data was 9.8GB, and Bonus Bytes 3.5GB. This morning the Anytime Data is 11.9 GB and the Bonus Bytes was 3.6 GB.
I realize that 1.2 GB in 2hours and 45 minutes is not a lot for some. (I also know the data monitor is limited in watching data) HOWEVER, in keeping track of my data for the last 6 weeks, my data loss for that time period has never been over 400MB! (And usually that is because my husband is up way later then me, or vice versa)
So? How do I catch the culprit? I know that I was given a long list of directions (I don't remember who?) right before I was hospitalized and my plan this morning (before this even happened) was to print that out and do the list of things!
Question: if I installed GLASSWIRE (which admittedly I have refused to do) would. Be able to see what was happening? I am prepared to install GLASSWIRE... Because this is maddening.
Everything.... I mean everything is turned off, or any downloads are done with my knowledge, etc (I have them set to go at certain times)
Of course.... It is SATURDAY!!!!!!!!!!!

Thanks guys!!!

Kim
31 REPLIES 31
debbie.jean.bro
Advanced Tutor

BirdDog, THANK YOU for your very detailed and educational posts above! I have a good working understanding of how software works, but until a few days aqo, almost no understanding of how hardware works, beyond know what connects to what to set up the system. And I now know what Glasswire is! I kept reading the term on these forums, but now I get it.

For me, the single biggest things I've done to stop "leaking" data were:a) turn my computer OFF when not in use, and b) only connect to wifi with my phones when I'm actually using the internet, then turn OFF wifi. And, at night, turn OFF the phones. I know, it sounds like DUH! But I've always had Comcast and Verizon (well, except way back in the day when I had AOL, haha!), and I just always left everything on all the time. So turning things off when not in use was a big ah-ha moment for me.

 I currently have zero wired devices and three wireless devices- an HP PC laptop and two iPhones--one is mine and one is my daughter's. We can't get cell service way out here and thus have a landline phone (CenturyLink). We use our iPhones (a 5c and a 5s) for internet, to store contacts, the calendar, alarm clock, flashlight, lol--basically for everything EXCEPT a phone. 🙂

Question: does the printer use data? It is not wireless; when I need it, I plug it into my computer.

Kim, in case you see this, I have Juvenile Rheumatoid Arthritis. I'm 56; it was diagnosed when I was 2. I'm so sorry you've been ill and even hospitalized! I wish you the very best.

To all our champions out there--thanks so much for taking the time to assist us newbies! 🙂
Lab-Lover
New Member

Hey Chew! Yes, you are in good hands w BirdDog! I don't think your printer uses internet since it is a plug in? Mine is wifi, and it could use Internet, if I allowed if, it has a feature that you can "email" Doc's to it and print from anywhere. I have the feature as well as all internet updates to it turned off. It is only allowed to communicate w the internet if I allow it. So, I think since you don't have those features, it is ok. HOWEVER, BirdDog and The rest of the experts will know for sure!
Welcome to a fellow Rheum girl! The disease is terrible but the people are not!!! Kim
Gwalk900
Honorary Alumnus

Chewagirl,


"Question: does the printer use data? It is not wireless; when I need it, I plug it into my computer."

Answer: Most likely not. Where is gets tricky is that there are printer drivers  and then there are printer programs and software packages.

On the typical small USB printer, you plug it into the computer, the computer "sees" the printer and load a set of basic printer drivers to enable operation and that's it.

In other cases, HP is famous for this, plugging in the printer will load the basic drivers AND awaken what can be a very comprehensive set of software programs that can be used to not only manipulate pictures and text for printing but also for "sharing". The "sharing" of the pictures and documents with others is obviously going to use data but ..... what about that nice software package that allows all this to happen.

It has been my personal experience that you simply cannot trust software to follow its settings.

On instance that I have screenshots of the software settings for is a program called Garmin Express. It is (or is supposed to be) an on demand  software and map update utility for my Garmin GPS nav unit.

Originally it was set to only do updates between 2am and 8am. It has taken it upon itself to do otherwise on more than one occasion as evidenced by this repost of a topic of mine:



I checked my remaining  allowance this morning and seen another large chunk of data gone !

This would have fallen somewhere between a Mystery and one of those Conundrums we hear about.

A peek at Glasswire shows that despite settings to the contrary Garmin Express (GPS updater) hit me twice in the last 30 days.

Moral of the story: If you are missing data don't depend on program settings and have some type of monitoring program installed.


Settings set to 2am to 8am:


Glasswire shows two Garmin Express hits in the past 30 days:



I guess my point here is: Software is a lot like Dogs and Children. Just because you tell them to do something doesn't mean they are going to do it.

All of the above is software related but we really have to consider some router related aspects.


Having a router really multiplies the potential for "leaks" and in ways many users will not have considered.

I have posted this before but it bears repeating ..

Lets look at a block diagram of a typical home router ...


There are three areas of potential data use;


Area #1 consists of the routers "hardware", its internal settings and permissions and securing access to area.

This is an area that is easily overlooked.

First is securing the area. When you enter the Routers LAN IP you will be taken to the Routers "Log On" screen.

Here is the manufactures default settings from my old Netgear:

It is imperative that that a user change both the username and password to something unique and known to only a single person. There should only be one network administrator.

This is the interface that protects integrity of your networks settings and permissions.

One area of vulnerability and unseen potential data use is at the core of the Routers "firmware" chip.

Usually this chip is given the right to access the internet, connect to the manufacture of the router and check for newer firmware updates (read as "instruction rules") and install them.

I suggest that this be disabled. YOU need to be in control of when data is used and hardware is updated.

Updating firmware can be a tricky thing. One rule of thumb is "if its not broke, leave it alone".

I guess I fall into this category. If it (the firmware update) does not add a new function or address a vulnerability, leave it alone.

The above, if enabled, is a potential leak source but a manual check for updates should be periodically done and the "change log" read to see if the update is needed.

There is currently some newly discovered vulnerabilities in the Dlink- 822 family of Routers that should have their firmware updated.

That addresses the GUI access security and the "guts", now on too  "permissions".

> The Routers LAN IP should be set to 192.168.1.1 so as to not conflict with the Hughes Modem at 192.168.0.1 <

> All "Guest Accounts" should be disabled <

> The WPS function should be disabled <

> Remote Access should be disabled and any existing R/A accounts closed <

> The QoS function should be disabled <


Area #2: wireless.

This is the hardest area to address because there are so many levels of "wireless encryption" (or the complete lack of) that SHOULD  limit access to only authorized  computers and devices  and their many Apps, Program Packages AND unseen background PROCESSES  and these will be PER DEVICE. The leak potential adds up quickly.

The first thing is KNOW YOUR DEVICES by their MAC addresses.

Every device is going to have a unique MAC address and every router is going to have a area in the routers GUI to see what devices are currently connected.

Usually this will be under the heading of "Attached Devices" or similar:

This can be helpful in finding things like weak wireless encryption levels (none or WEP for example) or if a Guest Account has been overlook.

Know your devices.


Wireless Connectivity and Security:

I wish a had a nickel for every time I seen someone post: "I live out in the Boonies and my Router is "password" protected".

The strength and "radiation pattern" is different for each router, some circular, some in the form of a figure 8, some better in the vertical plane (good with two story house) other in the horizontal (better with a ranch style) some are in the 2.4 GHZ frequency range with others in the 5 GHZ range. All will behave differently and all will have amazing range with the right conditions of weather, building construction, obstructions, reflections and interference. Don't always count on the range, distance and radiation pattern being the same. It isn't.

Wireless security can range from "none" (open network) to increasing levels. Here is a list .. weakest to strongest:


None

WEP

WPA-PSK [TKIP]

WPA2-PSK [AES]

WPA-PSK [TKIP] + WPA2-PSK [AES]


With no encryption enabled, any device that comes within range is free to latch on to your Hughes connection and use data. No "authorization" needed.

If a visitor comes over and they have a cell phone in their pocket ... BAMM GOTCHA !, Cell phones love to connect for updates and other "stuff". The same applies to a tablet in a visitors purse or pocket.

Next up we have the WEP encryption standard.

WEP is so easily cracked that you might just as well be running a totally unprotected network but at least it requires "authorization" in the form of a password or passkey  that is generated inside the router, is visible from inside the routers GUI (That SHOULD be protected by its own username and password).

WEP is good enough to prevent casual "drive by" connections but that is about it.

It does however point out that there are (or should be) TWO levels of "passwords" in use:

One protects access to the routers settings (INCLUDING the wireless channels passkey) and the second being the wireless password itself.

The further down the list posted above, the more secure it becomes. Some older devices may not be able to connected with some of the later more secure levels. It all depends on what you are using.

Leaks however are multiplied by the number of wireless devices connected, their software "load", the software settings ... and if the software chooses to follow those settings (see my Garmin Express example).

On a Windows laptop you could install Glasswire on that machine and see in detail what IT is doing but that still leaves phones, tablets, network printers, chromcast dongles and who knows how many other devices and wireless connection paths that aren't being monitored.

If you network, at the core of that network is your router ... everything that is connected, all data that is used, will run through that central point.

Some higher end routers can monitor and report use per device. They are worth the money if you have a data capped service and have questions or doubts as to what is using your data.


The 3rd area of course are the wired devices.

These can be computers, printers and scanners, network servers .. the list goes on.

Each will have unfettered access to your wired connection. The only limits being if the machine is "on", "hibernating" or truly power off.

Glasswire can be installed on EACH of the Windows machines and the results totaled. I don't have enough experience with other OS's to recommend or comment in detail but their should be a utility for each.

Again, a high end router can pinpoint be device so that that device can be singled out for closer scrutiny.

In the end tracking data usage requires at least an overview of the "shape" of your network and its component parts.

Its not intuitive, its not easy in the beginning for a novice user.

That is why companies large and small have IT Departments.

If a user chooses to "network" their connection they must learn to some degree to become their own IT Department.

You don't need to become and expert. With a little guidance you can learn enough to understand some key points and areas to monitor and that will get the job done.

 





debbie.jean.bro
Advanced Tutor

Yep! I've had 5 joint replacements so far--both knees, both hips, one elbow. Need the other elbow done and need back surgery, but don't have that kind of time right now. Thank the good Lord for biologics! I do OK, though. Keys for me are enough sleep, low carb diet, and moving. 🙂 Sorry your internet is not working out for you.
GabeU
Distinguished Professor IV

Ugh!  Back surgery.  I have to have that done, and am putting it off until I absolutely can't  stand it anymore.  I don't like the idea of someone cutting near my spinal cord.  No surgeon "oops" moment, thank you. 
debbie.jean.bro
Advanced Tutor

Hey Gwalk900,

Thanks for your detailed response! I read your OP with the diagram a couple of days ago, and studied it. You are so right about weather conditions--there are times when I'm turning on wifi on my phone where I can see up to 4-5 neighbor's accounts (of course, I don't have their passwords), and other times when I can't even see mine. I will need to study the other part of your post regarding security and passwords.

I recently had a huge data suck, but I know exactly where it came from. I'm letting a family of five stay with me for a while, while they get back on their feet financially. The three kids are on their phones all day long, downloading games and apps, playing said games, watching YouTube, etc. My data resets on the 17th, and they used all my 10GB and most of my bonus bytes in a little over a week (they were downloading stuff overnight). Frankly, I'm surprised the 10GB went as far as it did. I upgraded to the 20/50 plan and then changed the wifi password, because I do a lot of work from home and must have internet access. Now this sounds kind of mean, and I feel kind of bad about it, but I told all of them (parents included) that we ran out of data and won't have internet service again until Sept 17. So they don't know I still have internet access. Luckily, they are all fairly computer illiterate and don't know I changed the password. The 20/50 plan is the biggest one available to me and I couldn't afford a bigger one anyway. So when the 17th rolls around, there will be some parameters established regarding kids and internet use.

Other than that, I haven't really worried about leaking data because the 10/50 plan was more than sufficient for me and my daughter. My daughter is out of town for a few months, so I'll split the 20/50 plan in half and let the family use 10/25. I definitely HAVE done almost all the suggestions you and BirdDog and others have recommended for conserving data and that's probably why I've never run out before.

Random question: I know what FAP mode means, but what do the letters actually stand for?

THANKS MUCH for your kind reply!

🙂
GabeU
Distinguished Professor IV

Fair Access Policy. 
Gwalk900
Honorary Alumnus

FAP stands for Fair Access Policy.

When you use all of your data your speeds will be "throttled" to ABOUT 150 Kbps or about three times dial-up speed.

There are some changes however. I think all Gen4 plans (HT1000/1100 modems)have "SmartBrowse" that will kick in when your data is depleted and that will allow "basic" web browsing and email retrieval at normal speeds as long as the "data demand" remains ... low ... no streaming, no videos, no large attachments.

Having said that, you can of course purchase Tokens but that is another story.



 

debbie.jean.bro
Advanced Tutor

Thanks, Gabe and Gwalk! 🙂
Lab-Lover
New Member

Hi chew! I only have one day left (or something like that...) on Hughes. But I wanted to catch up with you since it sounds like we have a similar fight health wise (although, you win the award for fighting a much longer time) anyway, can I find you on Twitter, FB, or Instagram? Kim Byrne ( StmprKB on Twitter and IG)
Lab-Lover
New Member

Oh. As to the concern of the family using your data. It was NOT mean that you cut them off! You paid for it and they are guests in your household! Be strong in your limits and controls, but also know that kids can easily download stuff without you knowing, and as you know, you can't "undo" a download!! Kim