• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 467
  • Last Modified:

I need to monitor each network client's bandwidth usage. What software is recommended?

We have wireless internet here @ the office and it started out having T1 speeds, but as our clients here discovered they can now get smooth live streaming audio/video, our bandwidth is being chewed up.  The office personnel knows I don't like this, but I can tell it's still going on....I just can't catch them.  Is there a way for me to monitor which client machine is taking a majority of the bandwidth?  Any recommended software?  Free software is even better ;-)

I have a Netgear router hooked in to a Cisco 2950 switch (just FYI)

Many thanks!
Rick aka BeerAngel
0
BeerAngel
Asked:
BeerAngel
3 Solutions
 
lrmooreCommented:
Take a look at this product that is installed on the workstations..
http://www.netlimiter.com/index.php

Else, you can look at something like NTOP that is passive and will point out your users in a second.
http://www.ntop.org

Else, setup a Proxy server and force all Internet traffic to go through the proxy..

More information:
http://www.tldp.org/HOWTO/Bandwidth-Limiting-HOWTO/
http://www.youngzsoft.net/ccproxy/
http://inetshaper.com/
0
 
grbladesCommented:
Hi BeerAngel,
As lrmoore said something like ntop would work well. You can also run Ethereal (http://www.ethereal.com/) which is a free network analyser which will do a similar job but you can also go very indepth to see what ports and traffic each client is using.

For either of these you will need to configure the switch to span the port the netgear is connected to so that the monitoring machine sees all the traffic.
0
 
AutoSpongeCommented:
You have several options depending on the environment:

1.  Sniff packets and display what is found.  
1.a. If you have a MAC laying around with OSX, there is a nifty program out there called EtherPeg which will put back together image files that are flying around your network and display them on the screen in no particular order.  Sometimes you can place this on a monitor in the middle of the office.  The idea is much like Orwell's Big Brother:  'we're watching, so don't surf where you shouldn't.'
1.b.  A commercial software can do something similar and probably give a lot more information than EtherPeg.  Wildpackets.com makes something called EtherPeek.  I've not used it myself, but it seems to go that extra mile that Ethereal doesn't--reconstructing the TCP stream into something you can actually understand.

2.  Log Internet usage.
2.a.  Ethereal can capture packets and graph some results, but if you have a linux box, ntop may be what you really want.  It has a nice HTTP interface that logs host activity.
2.b.  Will your firewall give up the info?  Check your firewall, many times you have access to more flexibility than you think and your firewall can help you log Internet usage.

3.  Who's doing what with your network?
3.a.  When was the last time you scanned your own network for open ports?  Is someone running an FTP server that you don't know about?  Is someone using PCAnywhere to get Internet access from home?  How many people are running Kazaa?  A complete security audit should help.
3.b.  Turn if off and see who whines.  If you see a flood of traffic at your gateway that looks suspicious, shut it down.  If someone whines about it you can ask the right questions and determine if it's legit or not.  

4.  Surprise inspection.
4.a.  Again with the 'we're watching you' stuff.  Announce in a formal memo that all company property must have its passwords logged with IT via email with a specific header (so you can organize them) and all company PCs are subject to a security audit (whether or not you actually perform them and how often is entirely up to you).  Not only does it help with "I forgot my password" syndrome, but you might be surprised yourself with what you find in the audits.  You can use some special software like EVEREST or do it manually but the reigns will be tighter.

If a client password changed and you can't access it, swap the drive with a new one and a clean build.  If something is on there of vital importance it can always be restored, but until then, only authorized applications and authorized uses will be allowed on clients.  Chances are that after you mount that drive you'll find what they were hiding.

0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now