Security Basics mailing list archives

Re: Sniffering and Protocol Analyzer ?
From: "Kurt Buff" <kurt.buff () gmail com>
Date: Mon, 9 Jul 2007 15:50:45 -0700

On 7/8/07, Mohamed Farid <mfarid () mscc com eg> wrote:
> Dear All:
> I have a problem:
> I have a MRTG on one of my Internet Switches and it shows that the
> traffic is almost 100% utilized ...
> I need to have a packet sniffer and protocol analyzer to show me the
> PC which is the cause of this problem ...
>
> I used Ethereal (Wireshark) but I couldn't get an easy output ...
> Can you advise what I should do?
>
> Mohamed Farid

MRTG is a good tool for finding which machine is consuming bandwidth,
but it must be set up correctly.

First, what leads you to believe that utilization is nearing 100%?
Which link (or set of links) is showing high utilization, and in your
environment what exactly does that mean?

Second, are you monitoring all of the ports on your switch?

Third, do you allow more than one machine to connect to an end-user
switch port? If you do, then you'll need to use another tool, such as
ntop or something else, to see which MAC address on the affected
switch is causing the traffic.

Lastly, if you have more than one switch, you may need to monitor them
all, to finally pinpoint the culprit.

Kurt
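
Added example, not part of the original message: a rough stand-in for the per-MAC view the reply suggests getting from ntop, totalling bytes per source MAC address from a capture taken on the busy link. It assumes an Ethernet capture saved in classic pcap format (for instance with `tcpdump -w`); the function name `top_talkers` and the sample frames and MAC addresses are constructed for illustration.

```python
import struct
from collections import Counter

# Classic pcap magic numbers as they appear on disk (microsecond and nanosecond variants).
_LITTLE = {b"\xd4\xc3\xb2\xa1", b"\x4d\x3c\xb2\xa1"}
_BIG = {b"\xa1\xb2\xc3\xd4", b"\xa1\xb2\x3c\x4d"}

def top_talkers(pcap_bytes, n=5):
    """Return [(source MAC, bytes on the wire), ...], largest sender first."""
    magic = pcap_bytes[:4]
    if magic in _LITTLE:
        endian = "<"
    elif magic in _BIG:
        endian = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    if struct.unpack(endian + "I", pcap_bytes[20:24])[0] != 1:
        raise ValueError("only Ethernet (link type 1) captures are handled")
    totals = Counter()
    offset = 24  # per-packet records start after the 24-byte global header
    while offset + 16 <= len(pcap_bytes):
        _sec, _frac, incl_len, orig_len = struct.unpack(
            endian + "IIII", pcap_bytes[offset:offset + 16])
        frame = pcap_bytes[offset + 16:offset + 16 + incl_len]
        offset += 16 + incl_len
        if len(frame) < 14:
            continue  # too short to hold an Ethernet header
        # Source MAC is bytes 6..11. Count orig_len, not incl_len, so a small
        # snap length on the capture does not understate the traffic.
        totals[frame[6:12].hex(":")] += orig_len
    return totals.most_common(n)

def sample_pcap():
    """Constructed capture: one host sends far more than the others."""
    def rec(src, dst, payload_len):
        frame = (bytes.fromhex(dst) + bytes.fromhex(src)
                 + b"\x08\x00" + bytes(payload_len))
        return struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    heavy, light, gw = "0200000000aa", "0200000000bb", "020000000001"
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    out += rec(heavy, gw, 1500) * 3 + rec(light, gw, 46) + rec(gw, heavy, 100)
    return out

if __name__ == "__main__":
    for mac, nbytes in top_talkers(sample_pcap()):
        print(f"{mac}  {nbytes} bytes")
```

The MAC at the top of the list can then be matched against the switch's forwarding table to find the port and machine behind it.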

