CurtPalme.com Home Theater Forum

[greg_mitch]

I would like to install some software that will log each IP on my network and its traffic both local and internet. Something that I could see in summary form is most helpful. Like data transfer per week/month per IP.

Anyone know of any good software? There are some things that my Dlink 825 can provide through the logs but nothing in a polished format.

Google is popping up a few but wanted to know if there was one program everyone else was using.

Thanks.

[greg_mitch]

Turns out my network card doesnt support promiscous mode so I don't think I can do this from my laptop...anyone know what I am talking about....I don't really.

[garyfritz]

Promiscuous mode is used for packet sniffing. The card snags every packet that goes across the wire instead of only packets that are addressed to it. Then the CPU can examine and log it.

I'm no expert but I think it can only see traffic to/from nodes on your local subnet. Anything else will not be sent on your local wire.

http://www.wireshark.org is a popular sniffer / protocol analyzer. I've never used it but it's supposed to be good. http://www.ethereal.com is another big one.

[ecrabb]

OK, I have to ask, Greg.... Why do you want to monitor all traffic on your LAN and into/out of your WAN?

Oh, and Chris Perillo is always raving about SolarWinds stuff...

http://www.solarwinds.com/products/freetools/netflow_analyzer.aspx

SC

[garyfritz]

Steve, from a quick look at the SW site, it looks like the free tool is only for analyzing NetFlow traffic -- which appears to be a proprietary protocol for Cisco routers. If Greg has a network full of Cisco routers he might be able to use it, but if he's just trying to eavesdrop on his local traffic I don't think it's the right tool.

[jkruger]

I have wondered sometimes if my network is slow due to one of my "housemates" having a virus on her pc that is slowing it down. With this I could identify all the traffic on my network?

[dturco]

Who thought this up? Promiscuous mode is used for packet sniffing.

I just have this vision of a dog walking up and sniffing, getting promiscuous,and humping away

[akajester]

Greg, what I've used is called ntop. I just set up a simple ubuntu linux box, it was a pentium 4 machine I had laying around, then installed ntop.

http://www.ntop.org/overview.html

All it requires is two nics or a monitor port on a switch and it'll gather every machine passing through it, and gives you protocal graphs, usage graphs, etc. It's amazing.

Very easy to install too;
https://help.ubuntu.com/community/Ntop

hope that helps,

[greg_mitch]

Thanks for the tips guys.

SC,

It came up when people posted they were blocking the Samsung Live Update site at their router so the live update wouldn't break their BR player. It got me thinking...how many other devices do I have connected or software I have running that is constantly chatting over the internet? I was more or less just curious...and I also caught "Andy's iPod" logged into my unsecured network the other day so I wanted to see what else was going on. I know, I know...it should be secured...I will get around to it...my N network is secure.

So many devices with an ethernet connection now.

[ecrabb]

Dude... You have an open wifi router? Some evil conservative tea party attendee could park in front of your house in his pickup truck (complete with gun rack) and use your router to email death threats to President Obama... The Secret Service would then be knocking on YOUR door to check it out! What are you thinking?!?!!



SC

[greg_mitch]

Wifi squatting is a felony. I'm not worried about it. I am sure we could track MAC addresses right??

[ecrabb]

I don't know about unauthorized WiFi use being a felony, Greg... That may be true in some states or locales, but not necessarily others.

Oh, and MAC addresses are easily spoofed.

SC

[greg_mitch]

Just google it...it is reported all the time. People stealing Starbucks wifi in the parking lot is illegal. I think third degree felony. Still a felony. You might have to show malicious intent. But I am sure I could scare a few neighbors to back off.

Not really my intent though...really I was just curious to see my entire usage over the course of a month. I always see that 5GB limit for wireless carriers and wonder how far over I really am.

[WanMan]

[WanMan]

[WanMan]

I would just buying a 5 year old Cisco router and monitoring packets on the Ethernet interface would do the trick, but this would capture traffic crossing only on an Ethernet switch sitting behind the router.

akajester, you had all of your traffic passing through this computer, which was acting as a router?

[akajester]

[bujj]

hm... as for me i prefer to use ProteMac Meter