Print

Print


You could mirror all traffic to your machine (would need access to your 
main router and the switches leading up to your machine) and run a 
sniffer for about 10 minutes.  When you think you've collected enough 
information stop the sniffer and run an analysis on it (sniffers you pay 
for would have decent analyzers, not sure how ethereal's is).  The 
analysis should show which machines are creating what % of traffic.  Or 
instead of analyzing you could manually look for which machine is 
creating a ton of packets.

Hope this helps

~Mark Oden

Jeff Lasman wrote:
> This stuff always drives me crazy...
>
> One of our clients writes:
>
> <snip>
> We have a high amount of incoming data (green on the graph) - can we 
> tell what this is?  It seems very constant!
> </snip>
>
> He's writing about an mrtg graph average of 300 gbps.
>
> Any easy way (on linux) to tell where the traffic is coming from?
>
> Thanks.
>
> Jeff
>