Solved

What is the best software or device to monitor bandwidth usage and prevent or detect a DOS attack?

Posted on 2007-04-03
4
397 Views
Last Modified: 2012-06-21
Hello,
Our router is getting horrible ping response times of 298, 2240, 600, 300... very sporadic, but this is only occuring when we plug in the fiber connection that connects our high school to our main wiring closet.

Unplug the high school and things are okay, back to normal...  So something up there is causing this and I've downloaded Fluke Networks Network Inspector, GFI Languard, Retina Network Scanner... Wireshark.

Just wondered if anyone has used anything successfully to detect where the traffic is coming from.  We're currently unplugging entire labs and switches at the high school from our network just because it's killing people on bandwidth.

Also, is there a bandwidth throttling program or hardware device that wouldn't let this happen?  We have a Sonic Wall Pro 5060, but it didn't seem to help this at all.

Thanks!

M.
0
Comment
Question by:diablo-26
4 Comments
 
LVL 29

Expert Comment

by:Alan Huseyin Kayahan
ID: 18845047
    Only one word :). Websense
        Websense has the ability to integrate with routers, firewalls etc. Real-Time analyzer will give you what you want.
 http://www.websense.com/global/en/
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 18845517
I suggest using NTOP to see exactly what kind of traffic is on the network, traced back particular PC/IP address
 http://www.ntop.org
Simply attach NTOP to a mirror/span port on the switch and let it run. Access to reports are through its own web interface.
0
 
LVL 3

Accepted Solution

by:
Comply earned 500 total points
ID: 18848134
Your Sonic Wall should have a log file that can be reviewed. Look for outbound/Inbound traffic, time of day, etc. You should be able to see where the problem is coming from.

I would also check to make sure that UpNP is not turned on from the router/s. This may look ok but it eats BW up when you have alot of computers logged on.
0
 
LVL 5

Expert Comment

by:simonlimb
ID: 18849728
I agree with Comply's response.  I would check you logs on your SonicWall.  

Alternatively, if you want a freeware Full Featured Network Monitoring tool/program, I would suggest Ethereal from here: http://www.ethereal.com
There is an FAQ section which may help and access to support via "mailing list" link on the homepage.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question