  1. #1
    Just Joined!
    Join Date
    Dec 2004
    Posts
    4

    A new project I have due. I could use assistance.


    Hello. Nice site.

    I need to build a "box" of some sort that can monitor packets for individual IP addresses. This would send alerts if there was an exorbitant amount of traffic on an "odd port" (worms, Trojans, malware - to be customized) and let us know which IP it's coming from.

    This is for a large (and growing) WiFi ISP.
    We just need to know when these scumwares are using bandwidth so we can alert the client and/or turn them off.

    The throughput is 45MB a second at the NOC. (So a 10/100 NIC is sufficient)

    I was thinking of something like TCPdump or similar. I think reporting EVERY packet could be very cumbersome for this box - so maybe every 5th packet or something. Then show a % or something.

    This box will not be in our physical location - so we would like the data to be pushed over to a PHP site, or so we can remotely see the data.

    I would like this to be a rack, but the physical is not important right now.

    Any good ideas here on this?
    Thank you.

  2. #2
    Linux User
    Join Date
    Oct 2004
    Location
    /dev/random
    Posts
    404
    Did you try out Nagios??
    http://www.nagios.org

    It's a general purpose network monitor, but can be extended with plugins.
    The Unforgiven
    Registered Linux User #358564
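
The plugin approach suggested in the reply above, as an added example that is not part of the thread: a Nagios-style check that totals bytes per client IP on ports outside an expected set and maps the worst offender to the standard plugin exit codes. The flow records, the expected-port list and the thresholds are constructed assumptions; in practice the records would come from sampled capture data.

```python
# Added example: Nagios-style check over constructed flow records.
from collections import defaultdict

OK, WARNING, CRITICAL = 0, 1, 2                 # standard Nagios plugin exit codes
EXPECTED_PORTS = {25, 53, 80, 110, 143, 443}    # assumption: ports treated as normal

# Constructed sample: (client IP, destination port, bytes) per sampled packet
SAMPLE = [
    ("10.0.0.5", 80, 1400), ("10.0.0.5", 443, 900),
    ("10.0.0.7", 445, 60000), ("10.0.0.7", 445, 70000),
    ("10.0.0.9", 6667, 30000), ("10.0.0.9", 80, 500),
]

def odd_port_bytes(records, expected=EXPECTED_PORTS):
    """Sum bytes per client IP for traffic to ports outside the expected set."""
    totals = defaultdict(int)
    for ip, port, nbytes in records:
        if port not in expected:
            totals[ip] += nbytes
    return dict(totals)

def check(records, warn=25000, crit=100000):
    """Return (exit_code, status_line) in Nagios plugin output format."""
    totals = odd_port_bytes(records)
    worst = max(totals.values(), default=0)
    code = CRITICAL if worst >= crit else WARNING if worst >= warn else OK
    label = {OK: "OK", WARNING: "WARNING", CRITICAL: "CRITICAL"}[code]
    # List every IP at or above the warning threshold, heaviest first
    offenders = sorted((ip for ip, b in totals.items() if b >= warn),
                       key=lambda ip: -totals[ip])
    detail = ", ".join(f"{ip}={totals[ip]}B" for ip in offenders) or "none"
    # Performance data after the pipe: label=value[UOM];warn;crit
    perfdata = f"max_odd_bytes={worst}B;{warn};{crit}"
    return code, f"ODDPORT {label} - offenders: {detail} | {perfdata}"

if __name__ == "__main__":
    import sys
    code, line = check(SAMPLE)
    print(line)      # Nagios reads the first line of output as the status text
    sys.exit(code)   # and the exit code as the service state
```

Nagios would run this on a schedule and raise a notification when the exit code changes, which covers the remote alerting part of the question.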
