Skip to main content

desperate for help ...

More
20 years 3 weeks ago #6214 by knjaz_milos
Greetings everybody.....
let me get right to the point, my friend has asked me for a favor....he works in a small firm that has it's LAN connected to the net and they have been getting rather big bills from their ISP.As it seems his co-workers have been doing more that company related surfing and he has asked me to try to trace who is responsible for higher bandwidth consumption but I have a few restrictions:
1. No one will no I am doing it of course, besides my friend
2. It must be done from a new host imported to their LAN (a laptop), with some sort of network scanning method
3. The results must be logged somehow
4. If I have an option I would like to use windows based app (or apps) to handle this assignment

so...there you have it...any advice...please ?
More
20 years 2 weeks ago #6221 by Chris
Replied by Chris on topic Re: desperate for help ...
knjaz_milos,

If all you want is to log what's going in and out the network then I'd surely recommend you the IRIS packet sniffer. Simply grab a hub and connect the cable modem, your main lan connection and laptop with the IRIS software sniffing the data.

Iris has a neat function, allowing you to 'view' the captured data by host and protocol/service. This way you can see what each person has been doing throughout the day, without them knowing.

The program runs under windows and has a easy to navigate and friendly interface, so you'll get it up and running in no time.

We've got a shareware version available in our download section, give it a go and if you require any help with, post your question right here.

Hope that helps.

Cheers,

Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
More
20 years 2 weeks ago #6223 by davidklose
Well man, another good option is Ethereal. Its a freeware, it does a good work. Give it a try and see.
Good luck
DavidKlose
More
20 years 2 weeks ago #6224 by Greenice
Replied by Greenice on topic Re: desperate for help ...
Yep, I second Ethereal. Iris refuses to work on my pc for some reason. It always bombs out.

Another alternative to using a Hub would be to use port mirroring on the switch which services the LAN. Assuming that a switch is indeed used, and it supports this feature. Port mirroring enables a series of ports to have their traffic mirrored to a specific other port. By connecting your laptop to this other port and running your sniffer, you would see all the traffic on the ports being mirrored. Ofcourse, you would need to have management access to the switch in order to configure this. Best of luck.

Cheers.
More
20 years 2 weeks ago #6229 by sahirh
Replied by sahirh on topic Re: desperate for help ...
IPtraf sounds like what you're looking for.

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
More
20 years 2 weeks ago #6245 by knjaz_milos
Basically ...I need an app that I can leave for couple of hours running and later to analyze the captured data.....with any ease if possible :)))...to determine what was happening .
Time to create page: 0.138 seconds