traffic analysis tools

Spiros Papadopoulos spap13 at googlemail.com
Mon Oct 23 09:18:58 UTC 2006


Hi there

On 21/10/06, Michael P. Soulier <msoulier at digitaltorque.ca> wrote:
>
> Hey people,
>
> I'd like something to look at traffic use through my gateway, so I know how
> much of my upload bandwidth and download bandwidth is in use at any time.
> Ideally it'll tell me from where, so I can look at internal abusers, or get an
> idea of where hits are coming from.


Is your gateway running FreeBSD? If yes, why don't you try to run TCPDUMP on
it?

> Off the top of my head, I can think of two tools.
>
> 1. ntop - great web interface, but I've found it unstable
> 2. iptraf - good curses interface, but I'm looking for trend monitoring
> 3. mrtg - as I'm running snmp, so I could just monitor it from a desktop
> running mrtg...
>
> Any other suggestions?


Take a look at Ettercap/Etterlog. It can capture packets in switched LANs,
remotely, and can be combined with other tools such as TCPDUMP or Ethereal
and BPF filters. RTFM. I need to advise that you use such tools tenderly.
There is a large variety of packet capturing tools out there, check:
http://www.caida.org/tools


> Thanks,
> Mike
> --
> Michael P. Soulier <msoulier at digitaltorque.ca>
> "Any intelligent fool can make things bigger and more complex... It
> takes a touch of genius - and a lot of courage to move in the opposite
> direction." --Albert Einstein


Regards
Spiros


More information about the freebsd-questions mailing list