From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1JVAgL-00037h-DL for garchives@archives.gentoo.org; Fri, 29 Feb 2008 19:14:09 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 4850CE03E2; Fri, 29 Feb 2008 19:14:08 +0000 (UTC) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.232]) by pigeon.gentoo.org (Postfix) with ESMTP id 1F944E03E2 for ; Fri, 29 Feb 2008 19:14:08 +0000 (UTC) Received: by wx-out-0506.google.com with SMTP id h30so8280726wxd.10 for ; Fri, 29 Feb 2008 11:14:07 -0800 (PST) Received: by 10.100.250.12 with SMTP id x12mr20135874anh.82.1204312447312; Fri, 29 Feb 2008 11:14:07 -0800 (PST) Received: from ?10.10.0.4? ( [201.235.164.113]) by mx.google.com with ESMTPS id 6sm11022664agb.13.2008.02.29.11.13.59 (version=TLSv1/SSLv3 cipher=RC4-MD5); Fri, 29 Feb 2008 11:14:06 -0800 (PST) Message-ID: <47C85967.7060804@buanzo.com.ar> Date: Fri, 29 Feb 2008 17:13:43 -0200 From: Arturo 'Buanzo' Busleiman Organization: GNU/Buanzo User-Agent: Thunderbird 2.0.0.12 (X11/20080227) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] [Probably off-topic] How do I find out what is consuming the bandwidth? References: <47C84042.4010301@shic.co.uk> In-Reply-To: <47C84042.4010301@shic.co.uk> X-Enigmail-Version: 0.95.6 OpenPGP: id=6857704D Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Archives-Salt: 55b25e49-ccfd-4a7f-a987-1f2b27c742fb X-Archives-Hash: 712a0a66a7666b152f0d319537e07958 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Steve wrote: | I'd like to know what communicating IPs are consuming most bandwidth, Given the fact that other tools don't serve your purpose, I'd say you give ettercap a try. It's a sniffer that can do ARP Poisoning ("sniffing in switched lans"). Of course, this is not a tool you'd like to keep running all the time, given how troublesome ARP Poisoning can be. You might get something useful enough. - -- Arturo "Buanzo" Busleiman Reliable inter-continental Mail Relay Service - Ask me! Independent Security Consultant - SANS - OISSG http://www.buanzo.com.ar/pro/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHyFlnAlpOsGhXcE0RCi2VAKCATgXmG7kbzQPaUrukV9kcqvq3ewCeJI8J bbLUzfM3iSTJEyKgaXitN/w= =L/Uz -----END PGP SIGNATURE----- -- gentoo-user@lists.gentoo.org mailing list