Results 1 to 7 of 7

Thread: Data monitoring

  1. #1

    Data monitoring

    Since a few day's I'm receiving more incomming traffic then outgoing. I'm wondering what kind of traffic it is and especially from who it is comming.

    Do you people know a way how I can log this? The incomming traffic is to a port with service because my kernel isn't saying that anyone attempts a connection to a port without a service.

    I've installed trafshow already but it isn't very useful because it monitors the whole amount of traffic on the lan and not only from the server.

  2. #2
    Common ppl? How do you handle it?! There has to be a way,

  3. #3
    Try IPTraf
    Leon Mergen
    [email protected]
    http://www.antrophia.com/

  4. #4
    Join Date
    Jul 2002
    Location
    New Hampshire
    Posts
    154
    You may have a user using scp to transfer files to the box. Its a tough one and while I'm doing my research/planning on starting a web hosting business, this is one of the big problems I need to take care of before going ahead. I've looked around for ways to monitor this kind of traffic and thus far have come up empty-handed.

    I wish I had more information for you. While I'm looking around if I find anything I'll be sure to post.

    Sadistikal
    When you say "I wrote a program that crashed Windows", people just stare at
    you blankly and say "Hey, I got those with the system, *for free*".
    -- Linus Torvalds

  5. #5
    Join Date
    Nov 2001
    Location
    Ann Arbor, MI
    Posts
    2,978
    How are you getting your current stats? Can't they be modified to show service ports?

    Anyway, I'd recommend just using IP accounting, but you didn't say what OS you're using.

    In Linux, you just set up some user defined input chains with ipchains or iptables.
    -Mark Adams
    www.bitserve.com - Secure Michigan web hosting for your business.
    Only host still offering a full money back uptime guarantee and prorated refunds.
    Offering advanced server management and security incident response!

  6. #6
    I'm using FreeBSD 4.6 currently I'm watching trafshow and tcpdump to see the traffic. As far as I know their can't be installed a service or what so ever. Because I don't give my clients shell access.

    I'm getting my current graphs / stats with MRTG

  7. #7
    Join Date
    Jul 2002
    Posts
    309

    Thumbs up mrtg is great !

    mrtg.org

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •