Analyzing network data with appliance router

Ernest Doub hideserted at gmail.com
Mon Jun 13 00:51:27 UTC 2011


On Sun, Jun 12, 2011 at 5:29 PM, NoOp <glgxg at sbcglobal.net> wrote:
> On 06/12/2011 03:47 PM, Patton Echols wrote:
>> Greetings all,
>>
>> I am looking for ways to analyze the traffic through my home network.
>> The tools that I have seen mentioned as I google all seem to need to run on
>> the router.  This makes sense to me. After all, where better to access
>> the traffic.  I am wondering whether there are tools that can monitor
>> traffic within the LAN and / or to and from the WAN, but do it from my
>> desktop machine within the LAN.
>>
>> Here is what I am trying to do:
>>
>> I have been reading about concerns of Botnets and a recent article that
>> suggested that nearly 20% of windows machines are infected.  I have to
>> support several windows machines in our network.  We have antivirus and
>> updates applied as soon as available, but I would like to have a way to
>> ID a box that gets infected.  One suggested method is to watch their
>> traffic.  If a windows box has spikes in network activity, starts port
>> scanning, or doing other obnoxious activity, then you know you have work
>> to do.
>>
>> The logging function of my appliance router is fairly minimal.  It
>> records the outgoing IP and protocol, but not the port or the time.
>> Also, it seems to be pretty limited as to how much it saves.  I'd prefer
>> to not have to set up my own router if not necessary.
>>
>> Any thoughts?
>
> Better router :-) That said, when my trusty BEFVP41 started going wonky
> on me I had to back up to my Netgear & that router sucks as far as
> traffic logs go. For a small home network, you might want to install
> etherape to watch your network periodically. It will give you a
> graphical view of your network traffic.
>
> Unfortunately the repositories for maverick only offer 0.9.8 & 0.9.12 is
> the latest:
> https://launchpad.net/ubuntu/+source/etherape
> http://etherape.sourceforge.net/
>
> I'm not aware of any 0.9.12 deb's (haven't looked actually).
>
If you are truly concerned about bots, viruses, etc. I hope you are
not depending on the anti-virus software provided by Micro$oft.  You
have to have a good 3rd party monitor. [belt and suspenders approach]
IMHO AVG is probably the best of the freeware offerings but NOD32 from
ESET is the best available and a bargain for the peace of mind it
affords.
ED
On the road to Galt's Gulch


-- 
"The Tree of Liberty must be watered from time to time with the blood
of tyrants and Patriots" - Thomas Jefferson



