Use a standard packet sniffer (dsniff, etherpeek, etc.) connected at various convergence points on your network and do one of two things depending on the functionality of the sniffer:
1) partial packet sniff and filter the results based on ports or save it to a text file and grep out the ports you want 2) if the sniffer supports it, look for your network top-talkers; file-sharing utilities use a lot of bandwidth just because of the queries each client sees (then sniff to see what ports data is being sent to/from) Don't capture the full packets if you can help it...stick with just the headers. That reduces trace packet file sizes and doesn't touch so much on network traffic monitoring issues (legalities like monitoring communications, etc.). Regards, Bomm Hush provide the worlds most secure, easy to use online applications - which solution is right for you? HushMail Secure Email http://www.hushmail.com/ HushDrive Secure Online Storage http://www.hushmail.com/hushdrive/ Hush Business - security for your Business http://www.hush.com/ Hush Enterprise - Secure Solutions for your Enterprise http://www.hush.com/
