Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

What is the best software or device to monitor bandwidth usage and prevent or detect a DOS attack?

Posted on 2007-04-03
4
Medium Priority
?
402 Views
Last Modified: 2012-06-21
Hello,
Our router is getting horrible ping response times of 298, 2240, 600, 300... very sporadic, but this is only occuring when we plug in the fiber connection that connects our high school to our main wiring closet.

Unplug the high school and things are okay, back to normal...  So something up there is causing this and I've downloaded Fluke Networks Network Inspector, GFI Languard, Retina Network Scanner... Wireshark.

Just wondered if anyone has used anything successfully to detect where the traffic is coming from.  We're currently unplugging entire labs and switches at the high school from our network just because it's killing people on bandwidth.

Also, is there a bandwidth throttling program or hardware device that wouldn't let this happen?  We have a Sonic Wall Pro 5060, but it didn't seem to help this at all.

Thanks!

M.
0
Comment
Question by:diablo-26
4 Comments
 
LVL 29

Expert Comment

by:Alan Huseyin Kayahan
ID: 18845047
    Only one word :). Websense
        Websense has the ability to integrate with routers, firewalls etc. Real-Time analyzer will give you what you want.
 http://www.websense.com/global/en/
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 18845517
I suggest using NTOP to see exactly what kind of traffic is on the network, traced back particular PC/IP address
 http://www.ntop.org
Simply attach NTOP to a mirror/span port on the switch and let it run. Access to reports are through its own web interface.
0
 
LVL 3

Accepted Solution

by:
Comply earned 2000 total points
ID: 18848134
Your Sonic Wall should have a log file that can be reviewed. Look for outbound/Inbound traffic, time of day, etc. You should be able to see where the problem is coming from.

I would also check to make sure that UpNP is not turned on from the router/s. This may look ok but it eats BW up when you have alot of computers logged on.
0
 
LVL 5

Expert Comment

by:simonlimb
ID: 18849728
I agree with Comply's response.  I would check you logs on your SonicWall.  

Alternatively, if you want a freeware Full Featured Network Monitoring tool/program, I would suggest Ethereal from here: http://www.ethereal.com
There is an FAQ section which may help and access to support via "mailing list" link on the homepage.
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question