On Jun 14, 2012, at 1:07 PM, Steve Campbell <campb...@cnpapers.com> wrote:
> We have a situation here that is a real mystery. > > Our MRTG on our outgoing router and a firewall server that protects our > web servers is showing a spike every six hours. I can't find the server > behind the firewall that is generating such an extreme amount of > packets, even though I've looked through the crontabs of nearly all > servers, performed "ps" variations, and other types of investigation. > > Is there any type of package I can install that will monitor traffic and > report abnormal, over-threshold packets similar to what wireshark might > do in a manner that would allow me to determine where these packets > might be going or from where they originate? Setup a nettop server and netflow on the routing interfaces and you will find tour culprit. -Ross _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
