Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Rhinorhino on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Sniffing on my lan HELP

Status
Not open for further replies.
ladnir

ladnir

IS-IT--Management
Joined
Feb 5, 2011
Messages
1
Location
US
he i have been looking into ways to monitor my lan in order to keep it running fast and to see who is misusing it or slowing it down. my network looks like this.
network.png


i would like to what bandwidth each computer is using. what their traffic is ie. what websites they view. Warnings if my ping get to high and any other good network monitoring tools.

i am not completely sure how to go about doing this. from what i understand because i have a switch i am going to have to do some trickery to be able to see the traffic. something along the lines of ARP poisoning.

i am looking for someone to point me in the right direction and any other helpful hints.

thank
 
Sort by date Sort by votes
Hi.

Looking at your diagram, you might have some difficulty in instrumenting a network analysers (be it a freebee like wireshark on a laptop, or something more sophisticated like a netscout infinistream.

You've got two options, SPAN and TAP.

SPANS (sometimes called mirror ports) are types of ports on switches that can send a copy of data on a port to another port for monitoring, most CISCO and HP switches allow this.

TAPS are effectivly the physical equivilent of spans. e.g.
Once you have got instrumented its a case of capturing. You can use wireshark with your NIC set to promiscuous mode to see data, better still look at a network analyser with a disk drive -> the difficulty is often recreating an issue or timing your capture to get the 1/2 second burst that tells you what the problem is. Something like an infinistream will help you do this. These tend to be fairly expensive, but will cut your investigation times significatly.

Final option, you could get some proffessional services, these guys are very good and use netscout hardware to diagnose faults.

Good luck

The OSS Guy
 
Upvote 0 Downvote
What Cisco switches are you using, is there a spare point on each for SPANning?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

TTjames
  • Locked
  • Question Question
NetSaint no longer online
Replies
0
Views
539
TTjames
TTjames
dustbuster
  • Locked
  • Question Question
How to sever client connection based on timeout or bandwidth
Replies
0
Views
560
dustbuster
dustbuster
BJZeak
  • Locked
  • Question Question
Please help with Internet Connect issue
Replies
4
Views
706
BJZeak
BJZeak
mattm31
  • Locked
  • Question Question
Need help with strange problem
Replies
0
Views
463
mattm31
mattm31
shedlord2
  • Locked
  • Question Question
Best (simple) sniffer to use for detecting illegal filesharing on a network?
Replies
1
Views
630
fortunat
fortunat

Part and Inventory Search

Sponsor

Back
Top