howtothings.co.uk
Local Network Traffic Monitoring and Analysis - Printable Version

+- howtothings.co.uk (https://www.howtothings.co.uk)
+-- Forum: Computing (https://www.howtothings.co.uk/forumdisplay.php?fid=4)
+--- Forum: Hardware, Networking and Wireless (https://www.howtothings.co.uk/forumdisplay.php?fid=11)
+--- Thread: Local Network Traffic Monitoring and Analysis (/showthread.php?tid=1008)



Local Network Traffic Monitoring and Analysis - Mark - 24-09-2011

So you've got your Wireshark, or your router with Tomato on it, or your other smancy tools but what are you using for some top notch Local Networking Monitoring?

I'm talking graphs, Websites visited, Bandwidth, Single host recognition, aka this IP address: 172.16.0.12 with the Hostname PC-06 (Who you know is Jims machine) is currently pulling 1mb a second down as we can see on this graph. If we then look back, we can see he's had a total of 20GB down in the last week. Why is he downloading so much? Lets go pwn someone.

Whether it's a dedicated Linux box, or a piece of Windows software or...

Curious to what you guys are using!


RE: Local Network Monitoring - Drumm - 24-09-2011

http://www.ntop.org/
I was once pointed at this Wink
I wonder if anyone on this forums has good knowledge of this software...


RE: Local Network Traffic Monitoring and Analysis - latch - 24-09-2011

I don't wonder that.



RE: Local Network Traffic Monitoring and Analysis - Pack3t SynAck3r - 27-09-2011

NTOP......hmmm, nope doesn't ring a bell. :ermm

Oh wait, ya it does, I have approx 40 Ntop boxes located here and there :facepalm

A tutorial on it would eat a lot of time up to be honest, which at the VERY moment I do not have. I can tell you that if the person who configures it is a moron then NTOP will become your network's bottleneck. Ask "the British chap who doesn't share an EXACT accent to yours, but is still considered to have a British accent." He has suffered on a network with an improperly configured box.

Ntop pwns, it works as a b/w monitor, security device, overall kick the shit out of your network utility, and you can write custom scripts for it. Winning! Need to know why your network has slowed down? Got rogue devices running around, got any machines trying to act as a zombie on a botnet and eat up all your precious resources and compromise your data? Ntop will find it if you tell it what to look for.

RTFM, you won't find anything better or more flexible. It is open source...how can you go wrong?


RE: Local Network Traffic Monitoring and Analysis - Drumm - 29-09-2011

Unless your network has slowed down because of the ntop being incorrectly configured and being a bottleneck!