Although it is possible you have a trojan on one or more computers
internally , but it might as well be someone FTPing a large file (a linux
iso etc....) from a nearby server , which will consume your T1 line (which
is not that large respectivly.
The options are quite simple (assuming you want to least changes possible)
, I'd enable SNMP on the router ( even though its not safe) and run mrtg
internally , and run a sniffer on the gateway to check packets traffic.
_|_ |__ ___ __ __
|_, | ) (__/_ (__) (__|
__/
On Wed, 22 May 2002, Jesse Morgan wrote:
>
> Hi, this is my first post to this list, so go easy on me.
>
> I've just started working as an IT intern at an architecture firm with
> around 80 people. We supposedly have a fractional T1 connection of some
> type, but frankly, my DSL connection at home is more responsive. I know for
> a fact that most people here don't use the connection(about 10 ppl total
> actually do).
> I want to find out where the bandwidth is going. I figure I could set up a
> proxy, but that would take alot of effort getting the Idea through the
> Admin(*grumble*)...(there's currently NO security here, but I'm trying to
> change that.)
> I know that we have a Cisco router of some sort, but I haven't really
> gotten a feel for the equipment yet. is there a passive way for me to
> figure out who's hogging the bandwidth? For all I know, someone could have
> found a securiy hole and they're hosting an warez site off of us :/
> ***Anything*** is possible here.
>
>
> thanks,
> - Jesse the Intern
>
>
