diablo-26
asked on
What is the best software or device to monitor bandwidth usage and prevent or detect a DOS attack?
Hello,
Our router is getting horrible ping response times of 298, 2240, 600, 300... very sporadic, but this is only occuring when we plug in the fiber connection that connects our high school to our main wiring closet.
Unplug the high school and things are okay, back to normal... So something up there is causing this and I've downloaded Fluke Networks Network Inspector, GFI Languard, Retina Network Scanner... Wireshark.
Just wondered if anyone has used anything successfully to detect where the traffic is coming from. We're currently unplugging entire labs and switches at the high school from our network just because it's killing people on bandwidth.
Also, is there a bandwidth throttling program or hardware device that wouldn't let this happen? We have a Sonic Wall Pro 5060, but it didn't seem to help this at all.
Thanks!
M.
Our router is getting horrible ping response times of 298, 2240, 600, 300... very sporadic, but this is only occuring when we plug in the fiber connection that connects our high school to our main wiring closet.
Unplug the high school and things are okay, back to normal... So something up there is causing this and I've downloaded Fluke Networks Network Inspector, GFI Languard, Retina Network Scanner... Wireshark.
Just wondered if anyone has used anything successfully to detect where the traffic is coming from. We're currently unplugging entire labs and switches at the high school from our network just because it's killing people on bandwidth.
Also, is there a bandwidth throttling program or hardware device that wouldn't let this happen? We have a Sonic Wall Pro 5060, but it didn't seem to help this at all.
Thanks!
M.
I suggest using NTOP to see exactly what kind of traffic is on the network, traced back particular PC/IP address
http://www.ntop.org
Simply attach NTOP to a mirror/span port on the switch and let it run. Access to reports are through its own web interface.
http://www.ntop.org
Simply attach NTOP to a mirror/span port on the switch and let it run. Access to reports are through its own web interface.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I agree with Comply's response. I would check you logs on your SonicWall.
Alternatively, if you want a freeware Full Featured Network Monitoring tool/program, I would suggest Ethereal from here: http://www.ethereal.com
There is an FAQ section which may help and access to support via "mailing list" link on the homepage.
Alternatively, if you want a freeware Full Featured Network Monitoring tool/program, I would suggest Ethereal from here: http://www.ethereal.com
There is an FAQ section which may help and access to support via "mailing list" link on the homepage.
Websense has the ability to integrate with routers, firewalls etc. Real-Time analyzer will give you what you want.
http://www.websense.com/global/en/