14 Jun
2012
14 Jun
'12
7:07 p.m.
We have a situation here that is a real mystery.
Our MRTG on our outgoing router and a firewall server that protects our web servers is showing a spike every six hours. I can't find the server behind the firewall that is generating such an extreme amount of packets, even though I've looked through the crontabs of nearly all servers, performed "ps" variations, and other types of investigation.
Is there any type of package I can install that will monitor traffic and report abnormal, over-threshold packets similar to what wireshark might do in a manner that would allow me to determine where these packets might be going or from where they originate?
Thanks for any help.
steve campbell