[CentOS] OT - Is there a package to monitor network traffic
Ross Walker
rswwalker at gmail.com
Thu Jun 14 22:50:22 UTC 2012
On Jun 14, 2012, at 6:44 PM, Ross Walker <rswwalker at gmail.com> wrote:
> On Jun 14, 2012, at 1:07 PM, Steve Campbell <campbell at cnpapers.com> wrote:
>
>> We have a situation here that is a real mystery.
>>
>> Our MRTG on our outgoing router and a firewall server that protects our
>> web servers is showing a spike every six hours. I can't find the server
>> behind the firewall that is generating such an extreme amount of
>> packets, even though I've looked through the crontabs of nearly all
>> servers, performed "ps" variations, and other types of investigation.
>>
>> Is there any type of package I can install that will monitor traffic and
>> report abnormal, over-threshold packets similar to what wireshark might
>> do in a manner that would allow me to determine where these packets
>> might be going or from where they originate?
>
> Setup a nettop server and netflow on the routing interfaces and you will find tour culprit.
Nettop -> ntop
-Ross
More information about the CentOS
mailing list