OCAU News - Wiki - QuickLinks - Pix - Sponsors
|
OCAU News - Wiki - QuickLinks - Pix - Sponsors |
|
|||||||
| Notices |
|
Sign up for a free OCAU account and this ad will go away! Search our forums with Google: |
 |
|
|
Thread Tools |
1st July 2012, 8:05 PM
|
#1 | |
|
Member
Join Date: May 2002
Location: Brisvegas
Posts: 413
|
PC upload monitoring
Hi Guys,
I recently moved out of home and across the country for a new job, I left my parents house (2 folks, 2 siblings) relatively setup IT wise. Currently they have 2 home offices, one PhD student, htpc, backup server, phones & tablets etc using the network. Since I've left I've kept an eye on the network remotely and I have seen a huge spike in uploads. E.g. to the point to where i'm seeing 400gb!! of uploads a month over the last 2 consecutive months, this is in stark contrast to the paltry 30gb of downloads a month. My guess is that we have a rouge (and illegal) service running on one of the machines, however, pinpointing this remotely has been a challenge. What I'm after is a piece of software that we can install on all the machines and generate reports on a regular basis of the download/upload on that machine. It would need to be robust, able to ignore or group traffic from the local subnet (e.g. backup data etc). but also pinpoint the machine process that is the source of the traffic. The plan is to send in my mate to update all this as well as make sure all the security software is up to date, and hopefully pinpoint the machine with the issues. help, ideas?
__________________
Quote:
|
|
|
|
| Join OCAU to remove this ad! |
|
1st July 2012, 8:07 PM
|
#2 |
|
Member
Join Date: Jan 2002
Location: Sleepwithyourdadelaide
Posts: 23,617
|
Something simple that will give me up/dl kb/s instantaneous usage per PC would be useful as well, so I can just simply run it and go "oh this machine is maxing the upload out".
__________________
I like to construct strong views on random things, and then argue for absolutely no reason about them. |
|
|
|
|
2nd July 2012, 12:28 AM
|
#3 |
|
Member
Join Date: Dec 2009
Location: Shithole, 4510
Posts: 682
|
__________________
MAIN RIG: Core i5-750 @ FILE SERVER: HP MicroServer N40L: 1.5GHz dual-core AMD | 8TB HDDs | Samsung Series 830 64GB SSD | 6GB RAM My Weather Observations |
|
|
|
|
2nd July 2012, 12:41 AM
|
#4 |
|
Member
Join Date: Mar 2008
Location: Brisbane
Posts: 34
|
Try this: http://www.softperfect.com/products/networx/
NetWorx is a simple and free, yet powerful tool that helps you objectively evaluate your bandwidth situation. You can use it to collect bandwidth usage data and measure the speed of your Internet or any other network connection. NetWorx can help you identify possible sources of network problems, ensure that you do not exceed the bandwidth limits specified by your ISP, or track down suspicious network activity characteristic of Trojan horses and hacker attacks.Its free, and a pretty decent application. Once installed on the pc's/laptops it should give you a better idea of network traffic. Check the wireless as the neighbors might be using it too ... hehehehe  Cheers. |
|
|
|
|
2nd July 2012, 6:51 AM
|
#5 |
|
(Taking a Break)
Join Date: Oct 2007
Location: Not around here anymore..
Posts: 5,298
|
If you have a decent modem/router, why not use it's logging ?
|
|
|
|
|
2nd July 2012, 6:45 PM
|
#6 | ||
|
Member
Join Date: May 2002
Location: Brisvegas
Posts: 413
|
Quote:
I don't know what you qualify as decent, however this particular model doesn't have the level of logging required to determine the source of the upload, nor does any other modem/router I've ever owned...if there is such a beast i'd be interested to learn of its make/model.
__________________
Quote:
|
||
|
|
|
|
2nd July 2012, 6:59 PM
|
#7 |
|
Member
Join Date: Dec 2004
Posts: 614
|
SNMP + cacti?
edit: won't fish out local data, but it will show you a graph of each devices ethernet activity and you can just compare. Sounds more like someone got the wifi pass to me, though. |
|
|
|
|
10th July 2012, 12:22 AM
|
#8 |
|
Member
Join Date: Dec 2003
Location: Sydney, Australia
Posts: 1,696
|
My money would also be on someone unearthing the wireless password as that is a huge behavioral change. If you haven't already done so,, have you considered a Vpn setup so you can remotely log into at least one pc and login to the router from there?
If there is little chance of new devices coming onto the network, is it possible to do Mac address filtering on the access point to stop external hardware sneaking onto your network? Lastly,how are they anti virus wise? It could be a problem with spam related uploads if a pc has been zombified.
__________________
Successfull trades: RakOon, drfbro, mR_CaESaR, Spyfox If I've got crap for sale on ebay you like, click here. Old hardware giveaway thread here. Sony Vaio Club Member #21 Last edited by mike-s; 10th July 2012 at 12:26 AM. |
|
|
|
|
10th July 2012, 12:32 AM
|
#9 | |
|
Member
Join Date: Jan 2002
Location: Sleepwithyourdadelaide
Posts: 23,617
|
Quote:
Used this program, fantastic bit of kit. Turned out to be something simple, his sisters utorrent was set to launch on windows start and had about 50 public torrents uploading away. Set upload to 5kb/s and disabled start with windows, should do the trick.
__________________
I like to construct strong views on random things, and then argue for absolutely no reason about them. |
|
|
|
|
|
10th July 2012, 3:06 AM
|
#10 |
|
Member
Join Date: Dec 2003
Location: Sydney, Australia
Posts: 1,696
|
Well I was half right about it, it was akin to a behavioral change. On the bright side least it wasn't a wireless break-in.
__________________
Successfull trades: RakOon, drfbro, mR_CaESaR, Spyfox If I've got crap for sale on ebay you like, click here. Old hardware giveaway thread here. Sony Vaio Club Member #21 |
|
|
|
|
| Bookmarks |
|
Sign up for a free OCAU account and this ad will go away! |
| Thread Tools | |
|
|
