- Need traffic analysis tools
- Posted by srp336@getcoactive.com on August 26th, 2005
I've got a router at another location of my company that been having
some unexplained activity that I've been asked to investigate. The
router in question is their border router to their ISP. Throughout the
night, traffic is pretty much nil except for a period every single
night from about 4am to 5am, when the inbound traffic suddenly goes to
about 80% of their bandwidth. This is according to the ISP provided
stats page which is run on the serial port on the ISP's side.
I don't really have many formal tools to handle situations like this.
Usually, I use gathered statistics, ip accounting, and debugging when
things like this occur in the middle of the day when I'm at my desk.
What can I use to find out what's going on?
Thanks!
- Posted by Arnold Nipper on August 26th, 2005
On 26.08.2005 17:33 srp336@getcoactive.com wrote
Connect a Linux box to the switch where the ethernet interface of the
router is connected to, SPAN [0] it to the Linux interface and run ntopd
[2] on this interface.
Arnold
[0]
http://www.cisco.com/en/US/products/...8015c612.shtml
[1] http://www.ntop.org/
--
Arnold Nipper, AN45
- Posted by Dan Daniels on August 26th, 2005
<srp336@getcoactive.com> wrote in message
news:1125070389.335158.56060@g49g2000cwa.googlegro ups.com...
NetFlow either with or without a tool like nTop.
- dynamic analysis tools information (Programming) by vipindeep
- Traffic analysis (Software & Applications) by Ken Peck
- Traffic Analysis tool for 1721 router? (Routers) by Douglas McIver
- How have code analysis tools changed the way you work? (Programming) by Esther Schindler
- NetFlow collection/analysis (not flow-tools :) (Routers) by X.25
