[plug] Network Analysing

Daniel Pearson plug at flashware.net
Thu Jan 2 14:43:59 WST 2003


Leon,
By saying that do you mean all the machines can be connected through the
switch, with the monitoring machine plugged into the switch via a hub - and
because of that it will be able to log packets on the network?

Daniel

----- Original Message -----
From: "Leon Brooks" <leon at brooks.fdns.net>
To: <plug at plug.linux.org.au>
Sent: Thursday, January 02, 2003 2:43 PM
Subject: Re: [plug] Network Analysing


> On Thursday 02 January 2003 02:17 pm, Daniel Pearson wrote:
> > What I mean by this for example, is - my machine is 192.168.0.4
> > The gateway is .0.1, the two other machines are .0.2 and .0.3.
> > Now, I want to see what .0.1 and .0.2 and .0.3. are sending/receiving
> > around the network, and total bandwidth (i.e. number of bytes/kb/mb), by
> > running software on .0.4. Is this achievable?
>
> Yes, as long as the machines are not all plugged through a switch. If
that's
> the case, stick an extra hub on the gateway end of things for the duration
> and plug your monitoring machine into that.
>
> Tcpdump (for example) will capture packets in promiscuous mode so you
don't
> even have to have an IP which suits the network, or in theory not even an
IP
> address.
>
> Cheers; Leon
>
>
>



More information about the plug mailing list