• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 351
  • Last Modified:

monitoring traffic packets

are there any software or hardware that can monitor traffic from each of the workstations? one of our office seem to be maxing out on their 1.5MB T1 connection every week now and theres only 4 workstations.
0
cadnyc
Asked:
cadnyc
  • 5
  • 3
  • 3
  • +2
1 Solution
 
SouljaCommented:
What type of router?  On another note, 1.5 T1 is pretty low by today's standards, even for only 4 workstations.
0
 
SouljaCommented:
Why a T1? There are many cheaper, better options.
0
 
PapertripCommented:
Oh man, the data package on your phone gets speeds higher than 1.5Mbit
0
What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

 
cadnycAuthor Commented:
the router is managed by paetec our mpls provider and not by me. i've requested bandwidth reports and it seems that we're crushing the bandwidth everyday. seems to be getting worse and users in the office are complaining that its slow and opening files take 20-30 secs now.
Clipboard01.jpg
0
 
SouljaCommented:
Seriously man, the problem is the lack of bandwidth. 1.5 MB just isn't sufficient if you depend on the wan heavily.
0
 
PapertripCommented:
That is absolutely no surprise... at all...  1.5Mbit = ~150KB/s... seriously even 3G phones are like 10x faster than that...

If you want to continue using your T1, and have no desire to examine like a 5Mbit MPLS, then talk to your provider to implement some QoS.
0
 
cadnycAuthor Commented:
QoS has been implemented and we're thinking about upgrading to 3MB MPLS. by why the sudden surge in bandwidth? our office has been running with 4 users since last year and users were streaming music without maxing the bandwidth. i've had used stop streaming since then but still maxing out.
0
 
SouljaCommented:
I usually recommend QOS in many situation, but lack of bandwidth is just that, lack of bandwidth. QOS will do nothing but make the users whine even more.
0
 
SouljaCommented:
Okay, see if the ISP can run some type of Netflow of JFlow on their equipment. They will be able to then see which device and what type of traffic is hosing your connection.
0
 
PapertripCommented:
the "surge" is pretty relative in this situation...

If you had a much bigger pipe and were spiking like that all of a sudden, I would be concerned.  Ask your provider for more granular reports, try to narrow down timeframes, but in the end all this is is too small of a pipe for 1 user, let alone 4.
0
 
cadnycAuthor Commented:
is anyone familiar with wireshark? will it give me enough information what the user is doing to cause the high traffic??
0
 
Kamran ArshadCommented:
Hi,

Yes Wireshark is a handy diagnostic tool. You turn ON port spanning on your switch and then using Wireshark you can monitor traffic.

www.wireshark.org
wiki.wireshark.org
www.wiresharktraining.com
wiki.wireshark.org/CaptureSetup/Ethernet
http://searchsecurity.techtarget.com/tip/Wireshark-tutorial-How-to-sniff-network-traffic
0
 
madunixChief Information Security Officer Commented:
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 5
  • 3
  • 3
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now