Solved

network analyzer

Posted on 2013-12-12
5
338 Views
Last Modified: 2014-01-18
Hi guys,

Is there a software I can use to analyzer a network to see what is taking place per computer.

I have a suspection that someone is downloading stuff from utorrent and I would like to know.

if you guys have any tool I can use please let me know.

thanks  in advance
0
Comment
Question by:MVGtechnology
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 7

Accepted Solution

by:
BobintheNoc earned 500 total points
ID: 39714287
Your firewall is probably the easiest place to examine for any and all traffic or internet questions. If your firewall is off commercial for business quality, you should be able to show your translation connections or open connections.  if you find a computer IP address on your internal network is establish connectionsor has many UDP streams to a variety of remote address is, you have likely found your culprit.another method involves using a packet capture software such as Wireshark. With Wireshark, you can identify conversations and decode the packet streams with a good chance Wireshark can specifically identify torrent based connections. The trick with using a capture software is to find a good  position to plug into or connect your capture interface in a spot that is exposed to all traffic. A good spot is usually again at the firewall, either right in front of it or behind.

many firewalls allow you to actually perform packet capture at the firewall for downloading and then analysis bye software like Wireshark. There are many other ways 2 make your determination, depending on your existing configuration and you're network knowledge sophistication. With further detail on what you have done and you're available resources, we can help you narrow and identify your traffic.
0
 
LVL 14

Expert Comment

by:BlueCompute
ID: 39714296
What is your gateway device?  Usually it's fairly easy to spot torrent users as they will be opening a lot of sessions to unfamiliar IPs.
0
 
LVL 6

Expert Comment

by:vmagan
ID: 39714347
Wireshark works great and its free.
0
 
LVL 15

Expert Comment

by:Giovanni Heward
ID: 39714428
Wireshark is great, however you need to enable a port mirroring on your switch stack (also referred to as a SPAN port for Cisco devices.)

Microsoft Message Analyzer is also a good tool, it allows you to resemble HTTP sessions (for example), so you can actually view the web pages and images your users have downloaded.  Again, port mirroring would be required.

As mentioned above, the easiest method may be to enable logging at your firewall.  You can install a syslog server to capture activity over time for future analysis.
0
 
LVL 3

Expert Comment

by:Brian Garcia
ID: 39716070
You can also try network monitoring software based on netflow like PRTG - http://www.paessler.com/prtg and Manage Engine's Netflow Analyzer - http://www.manageengine.com/products/netflow/.
0

Featured Post

Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question