[plug] broadband monitoring?

Gavin Chester sales at ecosolutions.com.au
Tue Jun 26 18:02:15 WST 2007


On Tue, 2007-06-26 at 18:22 +1000, Rob Dunne wrote:
> Hi Gavin,
> 
> Gavin Chester wrote:

-snip-

> > I didn't mention "wireshark" before, but this is a great GUI network
> > packet sniffer/recorder. Used to be called ethereal. You can do a live
> > capture and have name resolution done as well, in real-time. Haven't
> > checked whether it also offers byte logging, but it will tell you where
> > the traffic is going/coming. You can save the packet capture as a file
> > for later viewing. 
> 
> yes -- that's the sort of thing I need, but running in the background all 
> the time and not recording quite so much information.
> I just think I will make a practice of running jnettop in the background 
> for a few days and see if I get any other large traffic events.

Well, it does get left running in the background doing live capture, but
not as a daemon, which is perhaps what you meant? :-/ You can heavily
customise the columns and display of the live capture to trim down how
much gets recorded - and when there is no traffic it stops recording.
You can also have that formatted how you want for file saving. It is one
tool I had running by chance when I spotted a dictionary ssh attack on
my machine. If not for ethereal/wireshark I would have been ignorant of
the attack.   

Gavin



