Solved

What is the best software or device to monitor bandwidth usage and prevent or detect a DOS attack?

Posted on 2007-04-03
4
394 Views
Last Modified: 2012-06-21
Hello,
Our router is getting horrible ping response times of 298, 2240, 600, 300... very sporadic, but this is only occuring when we plug in the fiber connection that connects our high school to our main wiring closet.

Unplug the high school and things are okay, back to normal...  So something up there is causing this and I've downloaded Fluke Networks Network Inspector, GFI Languard, Retina Network Scanner... Wireshark.

Just wondered if anyone has used anything successfully to detect where the traffic is coming from.  We're currently unplugging entire labs and switches at the high school from our network just because it's killing people on bandwidth.

Also, is there a bandwidth throttling program or hardware device that wouldn't let this happen?  We have a Sonic Wall Pro 5060, but it didn't seem to help this at all.

Thanks!

M.
0
Comment
Question by:diablo-26
4 Comments
 
LVL 29

Expert Comment

by:Alan Huseyin Kayahan
ID: 18845047
    Only one word :). Websense
        Websense has the ability to integrate with routers, firewalls etc. Real-Time analyzer will give you what you want.
 http://www.websense.com/global/en/
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 18845517
I suggest using NTOP to see exactly what kind of traffic is on the network, traced back particular PC/IP address
 http://www.ntop.org
Simply attach NTOP to a mirror/span port on the switch and let it run. Access to reports are through its own web interface.
0
 
LVL 3

Accepted Solution

by:
Comply earned 500 total points
ID: 18848134
Your Sonic Wall should have a log file that can be reviewed. Look for outbound/Inbound traffic, time of day, etc. You should be able to see where the problem is coming from.

I would also check to make sure that UpNP is not turned on from the router/s. This may look ok but it eats BW up when you have alot of computers logged on.
0
 
LVL 5

Expert Comment

by:simonlimb
ID: 18849728
I agree with Comply's response.  I would check you logs on your SonicWall.  

Alternatively, if you want a freeware Full Featured Network Monitoring tool/program, I would suggest Ethereal from here: http://www.ethereal.com
There is an FAQ section which may help and access to support via "mailing list" link on the homepage.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello All, I have been training on Multicast for a while now and whenever I start the topic , I find out that my friends /  Colleagues mention that they do not know how to test Multicast Joins. As most of the multicast would be video traffic and …
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

929 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now