On Thursday 14 November 2002 08:45, Todd Robinson wrote:
> This may not be the easiest way, but I have used it in similar
> circumstances. Iptraf comes with most Linux distros now. With it you
> can monitor interface traffic and see byte counts for individual IP
> addresses and port connections. I run it on my notebook and tap the
> line between the firewall and the inside switch with a hub. Set the
> program to run in promiscuous mode and it will track all the traffic on
> the wire. Let it run for a little bit, then scroll up and down the list
> to see who is racking up the highest byte count. This at least gives
> you a quick idea of who is consuming the larger amounts of traffic.
> There are also filters to include/exclude certain traffic to help clean
> up the amount of traffic displayed.
>
> You can do similar things with tcpdump and ethereal, but they require a
> bit more knowledge to sort out and deal with the data to get the answer
> you are looking for.
Yeah, iptraf is neat. If you can still find "statnet", that was another one of
my favorites for a while way back when.
If you want a thorough breakdown of usage, streams, hosts, and other info,
check out the dual command-line and web-based "ntop":
If you want a quick GUI representation of the nodes on your network and their
associated traffic, try Etherboy for Windows or EtherApe for Linux:
http://etherape.sourceforge.net/
http://www.ndgsoftware.com/
It's related to an ancient Unix tool that used DPS (display postscript) to
draw the same circular map of network traffic on early SunView and XView
displays.
There are dozens of other network tools that show this same information in
different ways. Anyone have a list of bookmarks to some of the better ones?
-- - Ian C. Blenke <icblenke@nks.net> <ian@blenke.com>(This message bound by the following: http://www.nks.net/email_disclaimer.html)
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 19:51:18 EDT