Monitoring network traffic

HI. For the last few months my internet usage has been extreme. I have a netgear WPN Router and 3 pc's behind it. My internet service provider has almost stopped my internet due to the usage and I dont know where or how this is happening. I have the dates for the days in question from my usage monitor but my question is, can I figure out where its comming from or if I am being hacked or used for spamming. There doesnt appear to be any logs in my router that I can make any use of. Is there a way of tracking whats going on. Any help would be greatly appreciated. Thankyou
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

With netmeter on each PC you will soon know who it is...

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
enable smnp/2 on the router and use a toolset sucha s solarwinds engineers toolset -
You could use a packet sniffing tool like Ethereal to find out what is traversing your network.

Something else to try is using a tool like to run a port scan against your network to determine if any ports have been opened which expose you to a vulnerability.

I assume you have checked all the computers on the network for malware using both a virus scanner (you can get a free threat detection test from and an anti spy-ware tool like ad-aware or Spybot (
Powerful Yet Easy-to-Use Network Monitoring

Identify excessive bandwidth utilization or unexpected application traffic with SolarWinds Bandwidth Analyzer Pack.

Microsoft's NetMon program will allow monitoring of netwrok traffic and allow for filtering.

Product like ZoneAlarm can identify to you any TCP/IP sources or destinations.

For OS like XP you can review event logs to assess what may have been happening
Leah7auAuthor Commented:
Thanks everyone, sorry I have been unable to use the internet of late due to my service provider slowing down my speed dramatically. I will try all of the above and see if I can make any sense out of it. How do I enable snmp 2, is that just a simple setting in the router for port forwarding.
Good luck!
snmp is not easy to setup, manage or report on...
Great technology for large network, so they can be designed and monitored etc etc etc.

BUT, for three PC's - NOT worth it..

Your router is soho type and doesnt come with net translation counters, so forget that...

A sniffer like ethereal works a treat, but to get everyones traffic, you will need to have a hub (not switch) and use a dedicated PC to packet sniff...

So if you want more and more information to make sense of, please put these suggestions to practice, you will learn a lot, and I do carry this stuff with me everywhere, but really, netmeter will just tell you who, when and where, which should be enough to resolve getting the ISP back onside...

Best wishes...
Leah7auAuthor Commented:
Thank you all for your sugesstions, this is well enough to get me going on the right track. I will try and get it resolved but sincerly thanks for taking the time to answer me. KIndest regards - Leah
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Analysis

From novice to tech pro — start learning today.