Is there a quick way to see who is using a bittorrent client on one my networks? Seems like someone is using 11% of my bandwidth.
Who is Participating?
Rich RumbleConnect With a Mentor Security SamuraiCommented:
You want something like Ntop that will show you what protocols and what computers are doing it. You need a port span (aka port mirror) and a linux machine.
You can also use Snort or Suricata to detect most BT traffic too. But unless you can pin-point who is using that much BW first it might not be BT at all.
You may have a look at Cacti or Clearsite, they will poll the SNMP of your switch and graph how much BW each port is using, but won't break it down by protocol.
If you have network sniffing capabilities (wireshark on Windows gateway, or wireshark on a pc on a mirrored port of the the port with the cable to the gateway of a managed switch), it will be quite easy to find out who is responsible (the one with the most data throughput and the most connections, sometimes connecting to one specific higher port number).
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.