Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 357
  • Last Modified:

network analyzer

Hi guys,

Is there a software I can use to analyzer a network to see what is taking place per computer.

I have a suspection that someone is downloading stuff from utorrent and I would like to know.

if you guys have any tool I can use please let me know.

thanks  in advance
0
MVGtechnology
Asked:
MVGtechnology
1 Solution
 
BobintheNocCommented:
Your firewall is probably the easiest place to examine for any and all traffic or internet questions. If your firewall is off commercial for business quality, you should be able to show your translation connections or open connections.  if you find a computer IP address on your internal network is establish connectionsor has many UDP streams to a variety of remote address is, you have likely found your culprit.another method involves using a packet capture software such as Wireshark. With Wireshark, you can identify conversations and decode the packet streams with a good chance Wireshark can specifically identify torrent based connections. The trick with using a capture software is to find a good  position to plug into or connect your capture interface in a spot that is exposed to all traffic. A good spot is usually again at the firewall, either right in front of it or behind.

many firewalls allow you to actually perform packet capture at the firewall for downloading and then analysis bye software like Wireshark. There are many other ways 2 make your determination, depending on your existing configuration and you're network knowledge sophistication. With further detail on what you have done and you're available resources, we can help you narrow and identify your traffic.
0
 
BlueComputeCommented:
What is your gateway device?  Usually it's fairly easy to spot torrent users as they will be opening a lot of sessions to unfamiliar IPs.
0
 
vmaganCommented:
Wireshark works great and its free.
0
 
Giovanni HewardCommented:
Wireshark is great, however you need to enable a port mirroring on your switch stack (also referred to as a SPAN port for Cisco devices.)

Microsoft Message Analyzer is also a good tool, it allows you to resemble HTTP sessions (for example), so you can actually view the web pages and images your users have downloaded.  Again, port mirroring would be required.

As mentioned above, the easiest method may be to enable logging at your firewall.  You can install a syslog server to capture activity over time for future analysis.
0
 
Brian GarciaTechnology Support SpecialistCommented:
You can also try network monitoring software based on netflow like PRTG - http://www.paessler.com/prtg and Manage Engine's Netflow Analyzer - http://www.manageengine.com/products/netflow/.
0

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now