- Posts: 3
- Thank you received: 0
desperate for help ...
- knjaz_milos
- Topic Author
- Offline
- New Member
Less
More
20 years 3 weeks ago #6214
by knjaz_milos
desperate for help ... was created by knjaz_milos
Greetings everybody.....
let me get right to the point, my friend has asked me for a favor....he works in a small firm that has it's LAN connected to the net and they have been getting rather big bills from their ISP.As it seems his co-workers have been doing more that company related surfing and he has asked me to try to trace who is responsible for higher bandwidth consumption but I have a few restrictions:
1. No one will no I am doing it of course, besides my friend
2. It must be done from a new host imported to their LAN (a laptop), with some sort of network scanning method
3. The results must be logged somehow
4. If I have an option I would like to use windows based app (or apps) to handle this assignment
so...there you have it...any advice...please ?
let me get right to the point, my friend has asked me for a favor....he works in a small firm that has it's LAN connected to the net and they have been getting rather big bills from their ISP.As it seems his co-workers have been doing more that company related surfing and he has asked me to try to trace who is responsible for higher bandwidth consumption but I have a few restrictions:
1. No one will no I am doing it of course, besides my friend
2. It must be done from a new host imported to their LAN (a laptop), with some sort of network scanning method
3. The results must be logged somehow
4. If I have an option I would like to use windows based app (or apps) to handle this assignment
so...there you have it...any advice...please ?
20 years 2 weeks ago #6221
by Chris
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
Replied by Chris on topic Re: desperate for help ...
knjaz_milos,
If all you want is to log what's going in and out the network then I'd surely recommend you the IRIS packet sniffer. Simply grab a hub and connect the cable modem, your main lan connection and laptop with the IRIS software sniffing the data.
Iris has a neat function, allowing you to 'view' the captured data by host and protocol/service. This way you can see what each person has been doing throughout the day, without them knowing.
The program runs under windows and has a easy to navigate and friendly interface, so you'll get it up and running in no time.
We've got a shareware version available in our download section, give it a go and if you require any help with, post your question right here.
Hope that helps.
Cheers,
If all you want is to log what's going in and out the network then I'd surely recommend you the IRIS packet sniffer. Simply grab a hub and connect the cable modem, your main lan connection and laptop with the IRIS software sniffing the data.
Iris has a neat function, allowing you to 'view' the captured data by host and protocol/service. This way you can see what each person has been doing throughout the day, without them knowing.
The program runs under windows and has a easy to navigate and friendly interface, so you'll get it up and running in no time.
We've got a shareware version available in our download section, give it a go and if you require any help with, post your question right here.
Hope that helps.
Cheers,
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
- davidklose
- Offline
- Junior Member
Less
More
- Posts: 45
- Thank you received: 0
20 years 2 weeks ago #6223
by davidklose
Replied by davidklose on topic Re: desperate for help ...
Well man, another good option is Ethereal. Its a freeware, it does a good work. Give it a try and see.
Good luck
DavidKlose
Good luck
DavidKlose
20 years 2 weeks ago #6224
by Greenice
Replied by Greenice on topic Re: desperate for help ...
Yep, I second Ethereal. Iris refuses to work on my pc for some reason. It always bombs out.
Another alternative to using a Hub would be to use port mirroring on the switch which services the LAN. Assuming that a switch is indeed used, and it supports this feature. Port mirroring enables a series of ports to have their traffic mirrored to a specific other port. By connecting your laptop to this other port and running your sniffer, you would see all the traffic on the ports being mirrored. Ofcourse, you would need to have management access to the switch in order to configure this. Best of luck.
Cheers.
Another alternative to using a Hub would be to use port mirroring on the switch which services the LAN. Assuming that a switch is indeed used, and it supports this feature. Port mirroring enables a series of ports to have their traffic mirrored to a specific other port. By connecting your laptop to this other port and running your sniffer, you would see all the traffic on the ports being mirrored. Ofcourse, you would need to have management access to the switch in order to configure this. Best of luck.
Cheers.
20 years 2 weeks ago #6229
by sahirh
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Replied by sahirh on topic Re: desperate for help ...
IPtraf sounds like what you're looking for.
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
- knjaz_milos
- Topic Author
- Offline
- New Member
Less
More
- Posts: 3
- Thank you received: 0
20 years 2 weeks ago #6245
by knjaz_milos
Replied by knjaz_milos on topic Re: desperate for help ...
Basically ...I need an app that I can leave for couple of hours running and later to analyze the captured data.....with any ease if possible ))...to determine what was happening .
Time to create page: 0.138 seconds