On 14/06/2012 18:07, Steve Campbell wrote: > We have a situation here that is a real mystery. > > Our MRTG on our outgoing router and a firewall server that protects our > web servers is showing a spike every six hours. I can't find the server > behind the firewall that is generating such an extreme amount of > packets, even though I've looked through the crontabs of nearly all > servers, performed "ps" variations, and other types of investigation. > > Is there any type of package I can install that will monitor traffic and > report abnormal, over-threshold packets similar to what wireshark might > do in a manner that would allow me to determine where these packets > might be going or from where they originate? > tp://lists.centos.org/mailman/listinfo/centos I used to quite like iptraf for a quick summary view of the traffic use. Don't know if there is a CentOS package for it. -- Regards, Giles Coochey, CCNA, CCNAS NetSecSpec Ltd +44 (0) 7983 877438 http://www.coochey.net http://www.netsecspec.co.uk giles at coochey.net