Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How to check ?

Posted on 2002-04-11
5
Medium Priority
?
213 Views
Last Modified: 2010-04-17
Have any command or any approaches on Router can I check if someone is downloading files ? Or I can check whether what anyone is doing ?

As I ask , it is because I observe that on the router interface ( sh interface command ) fill up with many traffics. And I don't know who is downloading something.

Thanks and Regards.
0
Comment
Question by:leumas
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 

Author Comment

by:leumas
ID: 6933632
I forgot to tell that I'm using Cisco 2600 series.And have ISDN interface.
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 40 total points
ID: 6935447
you can assign an access list to the Ethernet interface to log all traffic:

Interface Eth 0/0
 ip access-group 101 in

access-list 101 permit ip any any log
logging buff 4096

router# show log

The log will tell you which IP address is doing what, but only to the threshold of the buffer. If you have a syslog server, it will be better to send the logs over to it:


logging <IP add of syslog server>

Else, you could use a sniffer (Ethereal is free) to see who's doing what

0
 

Expert Comment

by:elcidd
ID: 6938322
I agree with lrmoore, you can set up logging to see what traffic is comming and going from what ip.  However, I would like to caution that this takes up valuable router proccessor time.  I believe the best solution is to use a sniffer.  You can find a few at www.webattack.com . but lrmoore seemed to hit it pretty much on the head
0
 
LVL 1

Expert Comment

by:ymash
ID: 6943465
This is more comlicated but you can setup something like MRTG on your switches and monitor traffic on every port.
0
 
LVL 16

Expert Comment

by:SteveJ
ID: 6948475
Is this a web site that's being accessed?

ymash, I think leumas knows which interface is in volume trouble. Besides, MRTG will only show you adjusted volumes of traffic but not who is creating the traffic volume. lrmoore's idea is pretty straightforward but if you think the excess traffic is in downloads, I'd create an access list on port 21 and log that traffic. Ultimately, you may need to trap all network traffic.

Ethereal will work well if the entire media is shared (hubbed) or if you can create a monitor port on the switch.

Good luck.
Steve
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question