Solved

network analyzer

Posted on 2013-12-12
5
331 Views
Last Modified: 2014-01-18
Hi guys,

Is there software I can use to analyze a network to see what is taking place per computer?

I have a suspicion that someone is downloading stuff from uTorrent and I would like to know.

If you guys have any tool I can use, please let me know.

Thanks in advance.
0
Question by:MVGtechnology
5 Comments
 
LVL 7

Accepted Solution

by:
BobintheNoc earned 500 total points
ID: 39714287
Your firewall is probably the easiest place to examine for any and all traffic or internet questions. If your firewall is of commercial or business quality, you should be able to show your translation connections or open connections. If you find that a computer IP address on your internal network is establishing connections or has many UDP streams to a variety of remote addresses, you have likely found your culprit. Another method involves using packet capture software such as Wireshark. With Wireshark, you can identify conversations and decode the packet streams, with a good chance Wireshark can specifically identify torrent-based connections. The trick with using capture software is to find a good position to plug into or connect your capture interface, in a spot that is exposed to all traffic. A good spot is usually again at the firewall, either right in front of it or behind.

Many firewalls allow you to actually perform packet capture at the firewall for downloading and then analysis by software like Wireshark. There are many other ways to make your determination, depending on your existing configuration and your network knowledge sophistication. With further detail on what you have done and your available resources, we can help you narrow and identify your traffic.
0
 
LVL 14

Expert Comment

by:BlueCompute
ID: 39714296
What is your gateway device?  Usually it's fairly easy to spot torrent users as they will be opening a lot of sessions to unfamiliar IPs.
0
 
LVL 6

Expert Comment

by:vmagan
ID: 39714347
Wireshark works great and it's free.
0
 
LVL 15

Expert Comment

by:Giovanni Heward
ID: 39714428
Wireshark is great; however, you need to enable port mirroring on your switch stack (also referred to as a SPAN port on Cisco devices).

Microsoft Message Analyzer is also a good tool; it allows you to reassemble HTTP sessions (for example), so you can actually view the web pages and images your users have downloaded. Again, port mirroring would be required.

As mentioned above, the easiest method may be to enable logging at your firewall.  You can install a syslog server to capture activity over time for future analysis.
0
 
LVL 3

Expert Comment

by:Brian Garcia
ID: 39716070
You can also try network monitoring software based on NetFlow, like PRTG - http://www.paessler.com/prtg and ManageEngine's NetFlow Analyzer - http://www.manageengine.com/products/netflow/.
0
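
The "many connections to a variety of remote addresses" check suggested in the answers above can be run over exported firewall or flow records. This is an added example and not part of the original thread. The record layout, LAN range, threshold and sample data are assumptions constructed for illustration.

```python
import csv
import ipaddress
from collections import defaultdict

INTERNAL = ipaddress.ip_network("192.168.1.0/24")  # assumed LAN range
MIN_PEERS = 5  # assumed threshold; tune against a baseline of normal traffic

# Constructed sample records: time,src,dst,proto,dst_port (not a vendor format)
SAMPLE = "\n".join([
    "10:00:01,192.168.1.20,203.0.113.10,tcp,443",
    "10:00:02,192.168.1.20,203.0.113.10,tcp,443",
    "10:00:03,192.168.1.20,203.0.113.25,tcp,80",
    "10:00:04,192.168.1.20,192.168.1.1,udp,53",    # internal-only, ignored
    "10:00:05,192.168.1.57,203.0.113.10,tcp,443",
    "not,a,flow",                                   # malformed, skipped
] + [f"10:01:{i:02d},192.168.1.57,198.51.100.{i},udp,{40000 + i}" for i in range(1, 9)])

def summarize(text, internal=INTERNAL):
    """Per internal host: (distinct external peers, outbound UDP flow count)."""
    peers = defaultdict(set)
    udp = defaultdict(int)
    for row in csv.reader(text.splitlines()):
        if len(row) != 5:
            continue  # skip blank or malformed lines
        _, src, dst, proto, _ = (f.strip() for f in row)
        try:
            s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        except ValueError:
            continue  # skip records with unparseable addresses
        if s in internal and d not in internal:
            peers[src].add(dst)
            if proto.lower() == "udp":
                udp[src] += 1
    return {h: (len(p), udp[h]) for h, p in peers.items()}

def suspects(text, min_peers=MIN_PEERS):
    """Hosts whose distinct-peer count meets the threshold, widest fan-out first."""
    stats = summarize(text)
    hits = [(h, n, u) for h, (n, u) in stats.items() if n >= min_peers]
    return sorted(hits, key=lambda x: -x[1])

if __name__ == "__main__":
    for host, n, u in suspects(SAMPLE):
        print(f"{host}: {n} distinct remote peers, {u} UDP flows")
```

High fan-out only narrows the search. A packet capture of the flagged host, as the answers describe, is what confirms the protocol.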

Question has a verified solution.
