Solved

ADSL Traffic Monitoring (site+bytes)

Posted on 2014-07-24
11
393 Views
Last Modified: 2014-07-28
Hi Experts,

Our organisation has an old D-Link DSL-G604T wireless ADSL router, and I'd like to be able to find out what is using our monthly data quota, because it's higher than expected.  Some visitors are given the WiFi password, and when they are with us, the usage seems to go up by 5 or 10 times, sometimes, but I would not expect them to be doing intensive things like video, but maybe they are.

Having logged into the router, and looked through the menus, and looked at the table of contents in the manual, I'm not sure if there's a feature that could help here.  Would it be the "Remote Log" submenu on the "Tools" menu?  If so, how can I use that?  P64-65 of the manual says:
"Use the Remote Log menu to set up logging to servers or computers that are located outside the LAN or subnet of the Router."
"Select the Log Level from the pull-down menu. The levels available are: Alert, Critical, Debug, Error, Info, Notice, Panic and Warning. Type in the IP address of a receiver for the log message in the Add an IP Address field and click on the Add button. Log message receivers that are added appear listed in the Select a logging destination pull-down menu. These may be used at any time for other types of log messages. To remove a log message receiver from the list, select it and click on the Remove button. Click the Apply button when you have configured the log message receivers. Remember to save the settings to non-volatile memory."

Questions:
Q1. Would this "Remote Log" feature give me info on amounts of traffic sent to/from each site or IP?
Q2. Where it says "Use the Remote Log menu to set up logging to servers or computers that are located outside the LAN or subnet of the Router", does this mean we can also log the info "inside" the LAN or subnet of the router?  How?  (This is probably not an option we'll be taking, because I assume it needs a machine to be running all the time the monitoring is happening (?), and we turn all PCs off when not in use, but I'm interested to know how this could work.)
Q3. The instructions above tell me nothing about how to setup the host where I'm logging to.  How is this done?  (I do have a Linux webhosting plan with an overseas webhost, where I could perhaps log to, depending on the hosting requirements.)
Q4. Alternatively, is there some log of recent sites/traffic stored on the router that we could use?  I haven't found one yet.
Q5. Or would this "Remote Log" feature just give the same (not very useful looking) info as currently goes to the "Log" submenu on the "Status" menu (see P73-74 of the manual).

Please number your answers accordingly, for clarity.

Thanks.
tel2
0
Comment
Question by:tel2
  • 5
  • 4
  • 2
11 Comments
 
LVL 8

Accepted Solution

by:
Wilder_Admin earned 350 total points
ID: 40218657
Implement a default gateway in front of your router to get the right loggings. possibly a ubuntu server. Then you can see detailed what kind of packets and how big they are.
Another option is to do it with a windows pc between and you run wireshark on it
or if you have a switch with mirroring function you can use that to plugin the windows machine with wireshark
0
 
LVL 4

Assisted Solution

by:Davy Paridaens
Davy Paridaens earned 150 total points
ID: 40218680
I think you are now at a point where you should be considering a Unified threat management. Here you have a link to one i personally use and inplement in small bussinesses:


http://www.pandasecurity.com/usa/enterprise/solutions/gatedefender-integra/

You can request a Demo

They will also explain how to pinpoint traffic problems.

regards,

Davy
0
 
LVL 4

Expert Comment

by:Davy Paridaens
ID: 40218685
I think the most important thing for you is Content filtering and traffic shaping.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 12

Author Comment

by:tel2
ID: 40220598
Thanks guys.  Sounds reasonable.

I don't think this will help me in this case, but regarding the (not very useful looking) info shown in the Log submenu of the Status menu...
Could someone please answer Q5 and hopefully Q3 from my original post.

Thanks.
tel2
0
 
LVL 8

Expert Comment

by:Wilder_Admin
ID: 40223464
Q3 with the add ip option you define where to send your logs to.
Q5 yes it will be the same information
adsl.PNG
0
 
LVL 12

Author Comment

by:tel2
ID: 40223473
Thanks Wilder_Admin,

Re Q5.  Good, thanks.

Re Q3, yes I can see that much, but how can I just send logs to an IP address?  Don't I need to send them to a path (folder/filename) or something?  What kind of data transfer is this (doesn't look like FTP, SFTP, RCP or SCP)?
0
 
LVL 8

Expert Comment

by:Wilder_Admin
ID: 40223520
Q3 No that is not neccessary. This is already the part of the centralized Log Server. Actually i never checked how he is doing i only noticed that he is collecting.
0
 
LVL 12

Author Comment

by:tel2
ID: 40223590
Hi Wilder_Admin,
If that is the case:
Q3a. Where, on the log server, does the data go to (i.e. what folder & file or whatever)?
Q3b. Where is this destination path (folder & file or whatever) specified?
Q3c. What OS and software is required on the log server, to make this work?

Thanks.
tel2
0
 
LVL 8

Expert Comment

by:Wilder_Admin
ID: 40223628
Q3a i speak now for the syslogserver running on ubuntu -> /var/log/syslog

Here you can find more about the syslog-ng http://www.balabit.com/network-security/syslog-ng/
Q3b You can spezify in config files to change or organize to what you like best.

Q3c I would use Ubuntu 14.04 lts because it is stable and working the syslog-ng. But like you see on the url there are versions for windows as well.
0
 
LVL 12

Author Comment

by:tel2
ID: 40225518
OK - thanks WA.
0
 
LVL 12

Author Closing Comment

by:tel2
ID: 40225528
And thanks for your input too, Davy.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question