Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
im at uni, and my internet is realy slow. i want to see if i can find out who in my house is using all the bandwidth (no one is admiting it), or wether its a virus or spyware on someone machine. i friend once showed me a network monitoring tool that displayed graphicaly all the computers on your network, and then showed there outgoing and ingoing connections with red (i think they were red) cones, with the size dictating the bandwidth usage. i cannot for the life of me remember what its called. i have XP on my pc, but network tools for that seem to limit you to just that machine, so i want to put something on my SuSE 10.0 installation on my laptop. i would like to know what this program i remember is called, or the name of another one thats equaly as good. it must show me who is using howmuch bandwith (preferably p2p networks too), and also must be easy to instal. im a complete noob with linux, so i need something easy to set up, or that comes with a installation guide. Cheers!
would look at ntop, its a first class network stats package, but you need to be aware that if you are all connected to the internet via a switch you will only see traffic destined for your PC and broadcasts, which won't help you much.
On a switched network you can't, unless the switch is intelligent enough to give you this information and you have access to it, or you can scope the uplink that is common to everyone. The only ways to do that are to interpose a hub between the switch and whatever it is uplinked to, or to mirror the uplink port, again assuming you have a good enough switch.
i friend once showed me a network monitoring tool that displayed graphicaly all the computers on your network, and then showed there outgoing and ingoing connections with red (i think they were red) cones, with the size dictating the bandwidth usage. i cannot for the life of me remember what its called
You still won't see everything if its a switched network.
Well... I see everything in one of the company I work. Do you know ettercap? Its the most scaring tool for average windows network admins
I recommend you testing it, depending on the security of the network you are on, you will be surprised. (*)
You have a lot of other tools for running complex attacks that relies on the same mechanisms
(*) To make things clear, do not run it if you don't have the permission from your net/security admins, it can be easily detected and can cause great damage on your network.
If the company uses hubs, you will see everything. If you are connected to a mirror port of an active switch uplink then you will see everything. From the normal port on an normal switch you will only see traffic that is destined for your PC's MAC address and broadcasts/multicasts.
Passive monitoring tools all suffer from this basic limitation. The port stealing mechanisms that ettercap uses are not going to help you with general stats collection for an entire network. It will allow you to sniff single hosts, but as the MAC table must be set and reset for every stolen frame its hardly something you can do on a large scale. If its only a small network you could sniff each one in turn with ettercap and hope that you get to the offender before he's finished.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.