Strange traffic on My Cloud

Hi guys,
i have some strange traffic on my MyCloud drive. I realize it, because i see green light on network card every night, even if i do not use my disk and transmission disabled.

I tried to figure out what happening, and got this log with tcpdump:

but i still do not know, which process make this requests :(.

Do you have a Mobile app or any app that connects to it?
I think if you have auto sync on in the app, it connects every time depending on frequency you have.

Cause it has to make a REST API call to your my cloud every time it tries to auto sync.

No :(. I even have no idea what type of program it could be.
Any ideas how i can get process name on MyCloud?

I just got a chance to look at the pic you posted.

That IP destination IP belongs to:

OrgName: Internet Assigned Numbers Authority
OrgId: IANA
City: Los Angeles
StateProv: CA
Country: US

I would think this is WD tracking your latest IP.

You have cloud access enabled right?

You have cloud access enabled right?

No. Disabled.

And my IP is much different. I’m from Russia.

BTW My router also blinking with Internet Access light all night.

Weird.

I’d wait for other people to chime in. I’m out of ideas.

May be there is some unix guru? I have no idea, how get process name with this internet activity.

All network devices that are plugged in and powered up will show activity - random and constant. This is normal. A network is always polling to verify routes and connected devices.

Paul
If you are concerned and want to verify this, disconnect your Gateway Connection (if ADSL, pull the telephone connection; if cable disconnect the co-ax). Then watch your networked devices. They should still be blinking.

Paul

Those are IP Multicast IANA reserved list. IGMP from Twonky I presumed.

WDMyCloud:~# /etc/init.d/twonky status
No Twonky server is running

miniDLNA not installed. At least after last update firmware.

service --status-all
[ + ] apache2
[ + ] assimilateNewDrive.sh
[ + ] atop
[ - ] bootlogs
[ ? ] bootmisc.sh
[ ? ] checkfs.sh
[ ? ] checkroot-bootclean.sh
[ - ] checkroot.sh
[ - ] commgrd
[ + ] cron
[ ? ] hdparm
[ - ] hostname.sh
[ ? ] hwclock.sh
[ + ] ifplugd
[ - ] itunes
[ ? ] killprocs
[ ? ] kmod
[ + ] lltd
[ + ] mDNSResponder
[ + ] mdadm
[ + ] mdadm-raid
[ ? ] mdadm-waitidle
[ + ] monitorTemperature
[ + ] monitorio
[ - ] motd
[ ? ] mountDataVolume.sh
[ ? ] mountall-bootclean.sh
[ ? ] mountall.sh
[ ? ] mountdevsubfs.sh
[ ? ] mountkernfs.sh
[ ? ] mountnfs-bootclean.sh
[ ? ] mountnfs.sh
[ ? ] mtab.sh
[ ? ] netatalk
[ ? ] networking
[ + ] nfs-common
[ + ] nfs-kernel-server
[ ? ] nspt
[ ? ] ntpdate
[ + ] onbrdnetloccommd
[ - ] openvpn
[ ? ] pfe_init
[ - ] procps
[ ? ] purgelogs.sh
[ + ] ramlog
[ ? ] rc.local
[ ? ] recreateUserMD.sh
[ + ] reset_button_mon
[ ? ] restoreSettings.sh
[ + ] restsdk-serverd
[ - ] rmnologin
[ + ] rpcbind
[ - ] rsync
[ + ] rsyslog
[ + ] samba
[ ? ] saveclock.sh
[ ? ] sendsigs
[ - ] smartd
[ - ] smartmontools
[ + ] ssh
[ - ] sudo
[ - ] sysstat
[ - ] twonky
[ + ] udev
[ ? ] udev-mtab
[ - ] ufsd
[ ? ] umountfs
[ ? ] umountnfs.sh
[ ? ] umountroot
[ + ] upnp_nas
[ - ] urandom
[ - ] vsftpd
[ ? ] wdAdminEntry
[ ? ] wdAdminFinalize
[ ? ] wdAppEntry
[ ? ] wdAppFinalize
[ + ] wdAutoMount
[ ? ] wdEmergencyEntry
[ ? ] wdEmergencyFinalize
[ ? ] wdInitEntry
[ ? ] wdInitFinalize
[ ? ] wdPreBoot.sh
[ ? ] wdVftEntry
[ ? ] wdVftFinalize
[ - ] wdmcserverd
[ + ] wdnotifierd
[ - ] wdphotodbmergerd
[ + ] winbind

IIRC there’s two services in MyCloud using IGMP SSDP Multicasts, Twonky and UPnP.

service upnp_nas stop;

update-rc.d -f upnp_nas remove;