stevenvanheerden
asked on
Bandwidth gets used to quickly
Hi all
i got his mail from one of my clients. she is hoping that we can solve her problem...
---------------------
Hi Steven
I wanted to chat about moving onto your companies ADSL as soon as possible in the hopes that we will finally get to the bottom of the mystery of the dissapearing bandwidth. Today is the 14th of the month and we have used 97% of our 100gigs. For example, on the 6th 21 gigs was used and we can’t figure out who is using it.
---------------------
now we have taken over the contract of this client a little while ago from some random guy that use to stay in the backpackers that they own (this is the site where the problem is). he didn't do much for a living except abuse their internet and trying to hack everything he can.
he still comes there now and again and i'm sure he is up to no good.
is there some sort of software or something that we can capture the computer MAC address and computer name or any details to see whats happening. Obviously the ISP cant help us as they only see what we use from the single dynamic IP. It might not even be him, it might be some staff member as well....point is, we need to figure it out.
any help please...?
thank you
i got his mail from one of my clients. she is hoping that we can solve her problem...
---------------------
Hi Steven
I wanted to chat about moving onto your companies ADSL as soon as possible in the hopes that we will finally get to the bottom of the mystery of the dissapearing bandwidth. Today is the 14th of the month and we have used 97% of our 100gigs. For example, on the 6th 21 gigs was used and we can’t figure out who is using it.
---------------------
now we have taken over the contract of this client a little while ago from some random guy that use to stay in the backpackers that they own (this is the site where the problem is). he didn't do much for a living except abuse their internet and trying to hack everything he can.
he still comes there now and again and i'm sure he is up to no good.
is there some sort of software or something that we can capture the computer MAC address and computer name or any details to see whats happening. Obviously the ISP cant help us as they only see what we use from the single dynamic IP. It might not even be him, it might be some staff member as well....point is, we need to figure it out.
any help please...?
thank you
ASKER
Yep one of those clients that doesn't want to spend "unnecessary" money if you know what i mean.
there isn't any firewall like pfsense of so if that's what you mean.
we haven changed all passwords (pretty complex) and Wi-Fi passwords as well.
only firewall is the built in one from the D Link ADSL router...
except for restricting it, i think we might need to first find out the cause if possible as i think this will help us decide the course of action as budget is always an issue...
hope this makes sense...
thanks so far
there isn't any firewall like pfsense of so if that's what you mean.
we haven changed all passwords (pretty complex) and Wi-Fi passwords as well.
only firewall is the built in one from the D Link ADSL router...
except for restricting it, i think we might need to first find out the cause if possible as i think this will help us decide the course of action as budget is always an issue...
hope this makes sense...
thanks so far
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
yes i totally agree with you on that...
but do you not know of any software in this case that can pick up what computer is using lots of bandwidth and the time its used?
something we can install on the server that handles the DHCP?
like i say, it might not even be him....also, the account is being used at two other residential addresses as well...could be there.
I'm just trying to find a real inexpensive way to see where its coming from.
i know if they move over to our company in terms of ISP, we can monitor to see what circuit number uses the most data...so that will cover that part....i just have a suspicion about the back packers....
but do you not know of any software in this case that can pick up what computer is using lots of bandwidth and the time its used?
something we can install on the server that handles the DHCP?
like i say, it might not even be him....also, the account is being used at two other residential addresses as well...could be there.
I'm just trying to find a real inexpensive way to see where its coming from.
i know if they move over to our company in terms of ISP, we can monitor to see what circuit number uses the most data...so that will cover that part....i just have a suspicion about the back packers....
Once the DHCP is picked up from the server and the DNS for the site is resolved, the only devices that see the packets between the user and the internet are the switch and the firewall. ANything you do MUST somehow talk to one of those. Because the switch is most likely unmanaged and the firewall is a DLink, you have absolutely no visibility in to the traffic. If the switch was managed, you could sniff the line. If the firewall were better, it's tools would likely help.
I have one crazy idea but I really dont know that it will work. You could put an old hub between the switch and the firewall and then put a sniffer on the hub. But then you will need to watch it happening. I dont know any tool specifically that will do this for you. You could check out Solarwinds, but that will also be expensive.
I have one crazy idea but I really dont know that it will work. You could put an old hub between the switch and the firewall and then put a sniffer on the hub. But then you will need to watch it happening. I dont know any tool specifically that will do this for you. You could check out Solarwinds, but that will also be expensive.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Make them run netalyzr.icsi.berkeley.edu
Run one for you and make suggestions how they can fix.
Run one for you and make suggestions how they can fix.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks guys. Appreciated.
~Jon