Re: Traffic Monitor

From: Artyom Viklenko (artem_at_mipk.kharkiv.edu)
Date: 04/22/04

Next message: Etienne Ledoux: "Re: Traffic Monitor"

Previous message: Wolfpaw - Dale Corse: "RE: Traffic Monitor"
In reply to: Spidey Knepscheld: "Traffic Monitor"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Thu, 22 Apr 2004 18:35:52 +0300
To: Spidey Knepscheld <spidey@act.co.za>

If you interesting in monitoring uplink connection,
you can run some tolls (such as ipaudit, ipcount or something else)
directly on the firewall machine. And you didn't need the hub.
You can bind such monitoring tool to any NIC on the firewall,
but preferably to external. You need bpf in the kernel.

Spidey Knepscheld wrote:

> Hi
>
> I am an ISP running FreeBSD as a firewall and as a Mail Server. My problem
> is that I am not able to monitor the amount of traffic that user are using
> on my network. in south Africa bandwidth is extremely expensive and I need
> to take my bandwidth to the edge.
>
> My network looks like this: My Link comes in on a Cisco 805 from the router
> it goes to the first NIC on the Firewall from the second NIC it runs into a
> 10base HUB where there are only 3 ports used one as I said for the Firewall
> the other for a FreeBSD box (I want to use this box for traffic monitoring)
> and then one port for the rest of the network which connects to a 100base
> switch. The reason I used the 10base HUB is because it broadcasts all the
> data to all the ports. So for all data to and from the firewall will be
> caught by the Monitoring BSD box. I hope this makes sense.
>

-- 
        Sincerely yours,
                          Artyom V. Viklenko.
======================================================
System Administrator            artem@mipk.kharkiv.edu
------------------------------------------------------
IIAT NTU "KhPI" 21, Frunze Str., Kharkov Ukraine 61002
Phone: +38 (0572) 400026        Fax: +38 (057) 7062749
======================================================
_______________________________________________
freebsd-isp@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"

Next message: Etienne Ledoux: "Re: Traffic Monitor"

Previous message: Wolfpaw - Dale Corse: "RE: Traffic Monitor"
In reply to: Spidey Knepscheld: "Traffic Monitor"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages

Traffic Monitor
... I am an ISP running FreeBSD as a firewall and as a Mail Server. ... My network looks like this: My Link comes in on a Cisco 805 from the router ... caught by the Monitoring BSD box. ...
(freebsd-isp)
RE: Traffic Monitor
... > FreeBSD box (I want to use this box for traffic monitoring) ... > and then one port for the rest of the network which connects ... I'd go pick up a Cisco switch ... Switch to "mirror" all traffic to one port, ...
(freebsd-isp)
Re: Been hacked
... > The system is running linux with an iptables firewall. ... > monitoring program which is missing and there is another monitoring ... Or leaving themselves a nice little hacked-up box for later use on more ...
(comp.os.linux.security)
Re: Traffic Monitor
... >>I am an ISP running FreeBSD as a firewall and as a Mail Server. ... >>on my network. ... >> the firewall will be caught by the Monitoring BSD box. ... I do get live graphs from my upstream supplier but it shows the ...
(freebsd-isp)
Re: Protecting your router.
... > and not monitoring your firewalls/routers leaves them exposed. ... and an internal IDS for monitoring hosts should be sustainable. ... That's why I think monitoring in front of your firewall is a needless task. ... looking into the traffic between the perimeter router and the next-layer ...
(Focus-IDS)