Michael Gorman wrote:
Snort sounds like it would be your friend in this instance.
Snort might take a while in setting up the rules. Here is a quick HOWTO on getting ntop up and running. http://www.howtoforge.com/network_monitoring_with_ntopAfter you're done, hit http://ServerIP:3000 and you can see a good little read out of the traffic.
