[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Traffic monitoring

You might want to try out the packat "iptraf" and monitor the 
interface ipsec0. It gives you various overwiews on traffic going 
over each port in / out as well as other statistics. Only drawback: 
It only counts as long as you leave it running on console. But I 
guess leaving it running for e.g. 12 hours (one work-day) should be 
sufficient to get an idea what's going on, right?

And you could also try to sniff the SMB-traffic ... there are 
probably ways to "listen" which files (with what filenames etc.) are 
transfered. I strongly believe there are tools doing this out there. 
Ethereal maybe? (Haven't worked with it yet.)

On 14 Mar 2003 at 20:03, Nils wrote:

> I have small but complicated problem.
> 
> How do you monitor what network traffic you have and how much? I want
> to be able to see the origin and destination, type and volume.
> 
> We have two computer labs, with its respective ISP-connections, both
> with volume based rates. These two sites are also connected to each
> other through a VPN. The volume between the two sites should really be
> marginal. Due to what we get charge by the ISP, we suspect a lot of
> non-sanctioned material (mp3..) being transported over smb. I would
> like to at least be able to monitor the volume from respective
> computer going through the firewall (and the VPN).
> 
> Preferably, I would like to have information like:
> ------------------------------------------------
> Date xx/xx/xx
> Workstation A (xxx.xxx.xxx.xxx) (95 MB)
>    SMB.....35 MB
>    HTTP....40 MB
>    RSYNC...10 MB
>    FTP......5 MB
>    SSH...
Reply to: