Tim,
To run ntop (or ethereal) and see any meaningful traffic you either need to be
on a hub, have a connection to a managed switch that you can manipulate, or put your
machine in between the firewall and the switch so that it acts as a bridge.
A hub works kind of like a big room where all the connections "shout" the
information from one port to another, so everybody can hear everything. A switch works
more like a the old phone switches you see in the movies where an operator connects a
wire from one jack (port) to another. In a switch you can only see traffic to and from
your machine.
In the setup I have here we have our WAN connection going into port 13 of our
backbone switch. Using the management interface of this switch I have configured port
14 to be a mirror of port 13. The mirrored port is just a read-only port so I have a
second NIC in my network monitoring box to 'listen' to the WAN traffic (This card does
not have an IP assigned to it) This way I can hear(? see?) all of the traffic between
our LAN and the WAN connection. Personally I use a combination of ntop, iptraf,
ethereal, and etherape to view connections across our WAN.
Hope this helps.
Garl
-----Original Message-----
From: Timothy Bolz [mailto:[EMAIL PROTECTED]
Sent: Monday, March 03, 2003 6:56 PM
To: [EMAIL PROTECTED]
Subject: Re: [Eug-lug]network monitoring?
Bob
I am directly connected to a switch which and all the homepna switches are
connected to the same switch . I have one of the fastest connections. So it
sounds like I can use Ethereal and possibly ntop. Ntop looks like it would
work nice. Ethereal looks more invasive than I'd like to get. Ntop also
looks like it has a nice web interface and I like the fact it shows the time
the most traffic is. So it looks like anyone on a network can run ntop?
Thanks
Tim
On Monday 03 March 2003 04:50 pm, you wrote:
> Timothy Bolz wrote:
> > Thank you for responding. I work at a hotel about 2 months back we got
> > high speed internet for our rooms. It's a homepna system. We have DSL
> > to the hotel and it's split from there. The company who installed and
> > support it is http://www.trinicor.com . Half the hotel has high speed.
> > They Managers need a usage log to see if a lot of people are using it and
> > if all the rooms are being used then they would install the rest of the
> > hotel.
>
> Is there a place where you can plug your computer in between
> Trinicor's gateway and the rooms? If so, plug it in, fire up
> Ethereal, and see what you get.
>
> If you see traffic (you might want to go to a room and create some
> traffic), you're ready. If not, either find a different place to plug
> your box in or wait for Trinicor to implement the logging.
>
> As for logging and collecting, check out ntop. It is very featureful,
> but it was easy to install and set up on Debian (about two minutes).
> I don't know for certain that it'll give you the usage stats you
> want, but it looks likely.
_______________________________________________
Eug-LUG mailing list
[EMAIL PROTECTED]
http://mailman.efn.org/cgi-bin/listinfo/eug-lug
_______________________________________________
Eug-LUG mailing list
[EMAIL PROTECTED]
http://mailman.efn.org/cgi-bin/listinfo/eug-lug
