[TriLUG] Linux tool to monitor IP traffic

Steve Hoffman srhoffman at gmail.com
Wed May 17 13:55:28 EDT 2006


Solved...it was actually as easy as looking at the configuration options of
iptraf...turns out you can put it in promisc. mode and viola...didn't take
long to see one host going nuts.  turned out to be someone backing up to
Arsenal Digital's ViaRemote, but this helped to quickly narrow it down to an
IP and port then it was just a matter of a nmblookup by ip to see who's
machine it was....


Thanks,
Steve

On 5/17/06, Magnus <stinkfart at gmail.com> wrote:
>
> On 5/17/06, Steve Hoffman <srhoffman at gmail.com> wrote:
> >
> > What is a good tool for tracking down a user taking up more
> > then their fair share..it should be linux based and I'd prefer something
> > on
> > the command line, but If it's windows based or a linux GUI i'll drag a
> > monitor back there or carry a laptop to the network closet.
>
>
> Sounds like a job for Netflow.
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
>



More information about the TriLUG mailing list