Hello all, I see the list is pretty active today... I'm new and looking for answers - please :)
Our Ntop box is missing most of my traffic. It's getting mostly netbios, dhcp and other broadcasts... Plus the odd trickle of other information. Bandwidth stats never pass about 200 kbps but I know I've pushed over 3500 kbps today alone. We're running ntop pre-compiled snapshot for win-32 (3.2.6.). In terms of architecture, I've got the ntop box hanging off a hub (in promiscuous mode) between our LAN's gateway router and the firewall's internal interface. nTop SHOULD be seeing all traffic in and out of our LAN. We ran a series of test files from a host on the LAN - downloading "dsl speed tests," big emails, etc. I still only show 405 bytes sent (none received) for the host - only arp, netbios and some other udp traffic (looks like mostly broadcast traffic). Stats for the host also show 97% local and 3% remote traffic. The monitor pc (ntop) showed no appreciable up-tick in terms of CPU or network utilization during the tests. I've confirmed we're definiely using a hub (linksys 10/100 8-port - efah08w) although I'd swear these stats are from a switch. To configure ntop I'm doing "ntop /r" and the following to re-install the service: ntop /i -i 0 -p "HTTP=http|www|https|3128,AS400-svcs=telnet|login|515|8476|8471|449|1025|847 0,Mail-In=995,Mail-Out=465,Mail-Other=pop-2|pop-3|pop3|kpop|smtp|imap|imap2, NetBios=netbios-ns|netbios-dgm|netbios-ssn,FTP=ftp|ftp-data,DHCP-BOOTP=67-68 ,DNS=name|domain,RemoteDesk=3389,nTop-web=3000" What am I missing (other than a LOT of packets)? Thanks! Brett _______________________________________________ Ntop mailing list Ntop@unipi.it http://listgateway.unipi.it/mailman/listinfo/ntop
