Date: Mon, 23 Oct 2006 10:18:56 +0100 From: "Spiros Papadopoulos" <spap13@googlemail.com> To: msoulier@digitaltorque.ca Cc: freebsd mailing list <freebsd-questions@freebsd.org> Subject: Re: traffic analysis tools Message-ID: <dab71e150610230218j43e78062kbf0e46ff58a2f8f2@mail.gmail.com> In-Reply-To: <20061021141934.GP31580@tigger.digitaltorque.ca> References: <20061021141934.GP31580@tigger.digitaltorque.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi there On 21/10/06, Michael P. Soulier <msoulier@digitaltorque.ca> wrote: > > Hey people, > > I'd like something to look at traffic use through my gateway, so I know > how > much of my upload bandwidth and download bandwidth is in use at any time. > Ideally it'll tell me from where, so I can look at internal abusers, or > get an > idea of where hits are coming from. Is your gateway running FreeBSD? If yes why don't you try to run TCPDUMP on it? Off the top of my head, I can think of two tools. > > 1. ntop - great web interface, but I've found it unstable > 2. iptraf - good curses interface, but I'm looking for trend monitoring > 3. mrtg - as I'm running snmp, so I could just monitor it from a desktop > running mrtg... > > Any other suggestions? Take a look to Ettercap/Etterlog. It can capture packets in switched LANs, remotely and can be combined with other tools such as TCPDUMP or Ethereal and BPF filters. RTFM. I need to advice that you use such tools tenderly. There is a large variety of packet capturing tools out there, check: http://www.caida.org/tools > Thanks, > Mike > -- > Michael P. Soulier <msoulier@digitaltorque.ca> > "Any intelligent fool can make things bigger and more complex... It > takes a touch of genius - and a lot of courage to move in the opposite > direction." --Albert Einstein Regards Spiros
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?dab71e150610230218j43e78062kbf0e46ff58a2f8f2>