Re: [expert] very active NIC
Ken Hawkins wrote on Thu, Jul 04, 2002 at 10:22:47AM -0400 : Thanks, but I already have a basic monitor like thatI was looking more along the line of traffic analysis; others I've talked to are also google for etherape, download, compile, and install. Note that this will consume 100% cpu of whatever machine it runs on and will make that machine feel very unresponsive (until you close etherape). I normally can do everything I need with network traffic analysis by using iptraf (urpmi iptraf, it's on the supplemental apps CD). Blue skies... Todd -- Todd Lyons -- MandrakeSoft, Inc. http://www.mandrakesoft.com/ UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things. -- Doug Gwyn Cooker Version mandrake-release-8.3-0.2mdk Kernel 2.4.18-21mdk msg56069/pgp0.pgp Description: PGP signature
[expert] very active NIC
What is the best program to monitor traffic on my NIC? As of this morning, I have seen that my traffic LED's on my NIC have been going berserk, and my network connection is slow. Usually my LED's are quiet. THX K Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] very active NIC
Ken Hawkins wrote: What is the best program to monitor traffic on my NIC? As of this morning, I have seen that my traffic LED's on my NIC have been going berserk, and my network connection is slow. Usually my LED's are quiet. THX K Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Knetload is a great program for monitoring NIC throughput. For some reason Mandrake doesn't install it by default. You'll find the rpm on your distro disks. You might even get kcpu while you're at it. They're similar in design and sit in next to the clock. Sevatio Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] very active NIC
Thanks, but I already have a basic monitor like thatI was looking more along the line of traffic analysis; others I've talked to are also seeing a lot of traffic, basically network noise but we would like to track it down to see which NIC/IP address the traffic is from/to. Perhaps a gnutella server; we had to shut a couple of these down before. K On Thu, 2002-07-04 at 12:34, Sevatio wrote: Ken Hawkins wrote: What is the best program to monitor traffic on my NIC? As of this morning, I have seen that my traffic LED's on my NIC have been going berserk, and my network connection is slow. Usually my LED's are quiet. THX K Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Knetload is a great program for monitoring NIC throughput. For some reason Mandrake doesn't install it by default. You'll find the rpm on your distro disks. You might even get kcpu while you're at it. They're similar in design and sit in next to the clock. Sevatio Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] very active NIC
On Thu, 2002-07-04 at 07:22, Ken Hawkins wrote: Thanks, but I already have a basic monitor like thatI was looking more along the line of traffic analysis; others I've talked to are also seeing a lot of traffic, basically network noise but we would like to track it down to see which NIC/IP address the traffic is from/to. Perhaps a gnutella server; we had to shut a couple of these down before. K This may be overkill, but try ethereal. You can really get in deep with what each packet looks like. I'm sure that there's a package for 8.2 in contribs. If not rebuild the cooker SRPM. -- /curtis Mandrake Linux 8.3 (cooker) Kernel Version 2.4.18-20mdk Uptime 4 days 14 hours 27 minutes Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] very active NIC
Ken Hawkins wrote: Thanks, but I already have a basic monitor like thatI was looking more along the line of traffic analysis; others I've talked to are also seeing a lot of traffic, basically network noise but we would like to track it down to see which NIC/IP address the traffic is from/to. Perhaps a gnutella server; we had to shut a couple of these down before. K KEN, It sounds like you are looking for some kind of network sniffer, and if that is the case, I would suggest something along the lines of Ethereal or DSNIFF. A network sniffer will capture and analyze network packets, showing headers and payload. If your interest is in finding out if a SYN, ACK, FIN, etc, flag is set in the packet header, or you want to see from what machine (PORT, IP ADDRESS, MAC) the packet came from, and to see the destination machine (PORT, IP ADDRESS, MAC) of the packet, network sniffers are what you use. You can, as well, glean a lot of other network info from running a sniffer too. Happy sniffing, drjung -- J. Craig Woods UNIX/NT Network/System Administration http://www.trismegistus.net/resume.html Character is built upon the debris of despair --Emerson Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
