Hi I'm running Dachstein 1.02. With a public IP DMZ plus some masqueraded workstations. We are connected via a shared 10/100 link to our ISP.
Recently we've come under attack, but I can't figure out where or what by. The first I noticed was very high internet use reported by our ISP. 100 times our normal traffic. What's my best solution for tracing this traffic, I have run tried iptraf and snort, but I don't seem to be getting the data in a useful format. What I think I need is to find out: how much traffic is my firewall receiving (on the external port) how much is being transmitted which internal machines receive the most traffic, how much traffic is that Thanks in advance Greg Ford _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
