Finding network traffic issues
hi all,
I'm working on a location that has high speed and they are experiencing about 20GB in traffic every night. they have two wifi routers that are secured and the passwords have been changed. is there a program that can determine who is initiating the traffic?
thanks Zack
I'm working on a location that has high speed and they are experiencing about 20GB in traffic every night. they have two wifi routers that are secured and the passwords have been changed. is there a program that can determine who is initiating the traffic?
thanks Zack
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Beartlaoi
Or If you are using enterprise class switches then there is usually a command that will allow you to echo traffic from one port to another.
ASKER
Thanks for your suggestions! Does anyone have a model of hub I could buy that will work? I have a dlink dap-1522. Will that work? Then to elaborate I would plug the two wifi routers into this hub then into the ISP modem?
Also would I see the originating IP or MAC address of the PC causing all the traffic or just the IP address of the router the offending PC is hooked up to?
Sorry I'm kind of a newb figuring out this issue but we're loosing a lot of bandwidth.
Thanks!
Zack
Also would I see the originating IP or MAC address of the PC causing all the traffic or just the IP address of the router the offending PC is hooked up to?
Sorry I'm kind of a newb figuring out this issue but we're loosing a lot of bandwidth.
Thanks!
Zack
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
i will have to check. thanks for that suggestion will let everyone know.
i tried wireshark in multiple ways weigh my pc plugged in on the router and the docsis modem but i was only able to pick up certain traffic.
i tried wireshark in multiple ways weigh my pc plugged in on the router and the docsis modem but i was only able to pick up certain traffic.
I do not mean to disparage you, but I should point out that analyzing network traffic and correctly interpreting the results is fairly complex. If you do not fully understand why a hub is different than a switch in regard traffic flow, and why a hub or port replication are necessary for traffic analysis, you are going to find that much of the traffic running across the wires can be daunting to distinguish.
I am not at all saying you should not proceed. I firmly belive any educational experience is well worth the effort and time! I just want to be sure you are giong in to this thing understanding that the answer you seek is probably not going to just jump out when you plug the tool in.
I am not at all saying you should not proceed. I firmly belive any educational experience is well worth the effort and time! I just want to be sure you are giong in to this thing understanding that the answer you seek is probably not going to just jump out when you plug the tool in.
ASKER
That may be but it's usually because people use switch, hub and router interchangeably. I have an unmanaged netgear switch and a dlink router, but if it has to specifically be a hub I need to buy one of those.
Network engineers never use those terms intrechangably, as they work very differently. While the pieces themselves may be interchangable in most simple networks, the technology is quite different.
To your question, any hub will work. You just need to get the sniffer on the line so that it will be able to see all traffic passing to the router. Some routers have features that will allow you to monitor traffic as specific ports. Basically any enterprise-class managable switch has features allowing you to monitor traffic at specific port or groups of ports.
Some switches are actually a cross-breed of switch and hub (group switches), which also work for the purpose at hand. These type of switches are not so common anymore.
To your question, any hub will work. You just need to get the sniffer on the line so that it will be able to see all traffic passing to the router. Some routers have features that will allow you to monitor traffic as specific ports. Basically any enterprise-class managable switch has features allowing you to monitor traffic at specific port or groups of ports.
Some switches are actually a cross-breed of switch and hub (group switches), which also work for the purpose at hand. These type of switches are not so common anymore.
ASKER
sounds good i will track down something that week hopefully work. thanks everyone for your help!