Analyzing network data with appliance router

[Patton Echols]

On 06/12/2011 05:29 PM, NoOp wrote:
> On 06/12/2011 03:47 PM, Patton Echols wrote:
>> Greetings all,
>>
>> I am looking for ways to analyze the traffic through my home network.
>> The tools that I seen mentioned as I google all seem to need to run on
>> the router.  This makes sense to me. After all, where better to access
>> the traffic.  I am wondering whether there are tools that can moniter
>> traffic within the LAN and / or to and from the WAN, but do it from my
>> desktop machine within the LAN.
>>
>> Here is what I am trying to do:
>>
>> I have been reading about concerns of Botnets and a recent article that
>> suggested that nearly 20% or windows machines are infected.  I have to
>> support several windows machines in our network.  We have antivirus and
>> updates applied as soon as available, but I would like to have a way to
>> ID a box that gets infected.  One suggested method is to watch their
>> traffic.  If a windows box has spikes in network activity, starts port
>> scanning, or doing other obnoxious activity, then you know you have work
>> to do.
>>
>> The logging function of my appliance router is fairly minimal.  It
>> records the outgoing IP and protocol, but not the port or the time.
>> Also, it seems to be pretty limited as to how much it saves.  I'd prefer
>> to not have to set up my own router if not necessary.
>>
>> Any thoughts?
> Better router :-) That said, when my trusty BEFVP41 started going wonky
> on my I had to back up to my Netgear&  that router sucks as far as
> traffic logs go. For a small home network, you might want to install
> etherape to watch your network periodically. It will give you a
> graphical view of your network traffic.
>

Thanks Gary, EtherApe is interesting looking.  But since my router has a 
switch, not a hub, at least one of the websites I saw said it would only 
show my own traffic.  Is that your experience?  Your network have a hub 
or switched?