Packet sniffers

Page may contain affiliate links. Please see terms for details.

Tan

MB Enthusiast
SUPPORTER
Joined
Oct 2, 2002
Messages
2,901
Location
Woodford Green
Car
W140 S-Class, Porsche Cayenne and Porsche Boxster
Hi

I have just started a new job and the router at work is showing a lot of activity and the internet has slowed to a snails pace. I want to minitor the traffic travelling across the router to see if anything rouge is causing the excess activity.

I have been recommended to try ethereal and snmp. Do you guys have any other suggestions?

Regards

Tan
 
ethereal is widely respected mate.

Dont they have a firewall in line?
 
I would go and look at a company called network instruments, they have a product called observer. This does the same as ethereal, and adds statistics. You can get graphs of top talkers (pin points the user that has flattened the network) and you can also look at network metrics and bottle necks too :) very usefull tool
 
Can't you simply turn on the logging function of the router ?
 
most logging fuctions on routers are fairly limited and ultra basic.

packetyzer is another good application to try.

and if your feeling adventerous u could also try Airmagnet which is a kick-ass wireless lan analyzer.

Are you not able to install a firewall as this will give you all the information you need.

Snapgear and Gnatbox firewalls are designed for small offices to name a few.
 
On another note - if you had a firewall u could just allow http,https,ftp,dns and smtp outbound access. You could also lock services down via source ip address.
 
Tan said:
Hi

I have just started a new job and the router at work is showing a lot of activity and the internet has slowed to a snails pace. I want to minitor the traffic travelling across the router to see if anything rouge is causing the excess activity.

I have been recommended to try ethereal and snmp. Do you guys have any other suggestions?

Regards

Tan

Back to basics - I take it they dont just have a 64k ISDN line or anything daft like that?
 
True, but if there is a large quanity of traffic going to/from one place or type of traffic, this should be logged......or loggable.

(I do have this problem wher I assume Router = Decent Cisco kit though......) - I know not all can afford or justify buying it though....)
 
Last edited:
frog1520 said:
Back to basics - I take it they dont just have a 64k ISDN line or anything daft like that?

Nope its a an ADSL connection, although at the moment BT are only providing 512K, I have requested BT to upgrade it to either 1 or 2 Meg.

In reality the ADSL speed is not the factor that is causing the slowdown as it was working faster last week.
 
WLeg said:
True, but if there is a large quanity of traffic going to/from one place or type of traffic, this should be logged......or loggable.

(I do have this problem wher I assume Router = Decent Cisco kit though......) - I know not all can afford or justify buying it though....)

The routers that are used are Cisco kit, however having spoken with the company that installed and support the server they have not / could not use the Cisco software and have used something else.
 
Sounds scary.....They use Hardware that they don't understand or know how to use.....and can't propertly support....you're not paying them as well.. ??
 
WLeg said:
Sounds scary.....They use Hardware that they don't understand or know how to use.....and can't propertly support....you're not paying them as well.. ??


According to the engineer at the support company the Cisco software would not interface with the other software that we have on the servers.
 
peterchurch said:
I would go and look at a company called network instruments, they have a product called observer. This does the same as ethereal, and adds statistics. You can get graphs of top talkers (pin points the user that has flattened the network) and you can also look at network metrics and bottle necks too :) very usefull tool

Looks impressive, any idea how expensive this is? Any ideas on how it is licensed, i.e. network size / subnets etc...
 
Its quite expensive I don't know howmuch these days because I have a licenced copy leftover from a deal that we had with them its worth its weight though. you can get a fully working copy for a months trial which would be enough to figure out Tans problem ;)

But trained with the kit we used to sell guys out for £1000 - £2000 a day !
 
peterchurch said:
Its quite expensive I don't know howmuch these days because I have a licenced copy leftover from a deal that we had with them its worth its weight though. you can get a fully working copy for a months trial which would be enough to figure out Tans problem ;) !

Figured that it would be epen$$$ive, but also guessed that the demo version may be more limited. Will give it a go for something I'm looking at.

peterchurch said:
But trained with the kit we used to sell guys out for £1000 - £2000 a day !

£1k to £1.5k / day - sounds about right for good network guys. Not bad work if you can get enough of it :)
 

Users who are viewing this thread

Back
Top Bottom