Network Data Monitoring
Ive had a bit of a spike in internet usage that is unexplainable on my home network.
Ive got Mac Filtering enabled on my network, so i figure thats pretty secure (although someone i guess could spoof thier mac address, but if they wanted/could do that then all kudos to them, and i dont think anything else i could do would stop them).
I suppose what i would really like is something that collects data on how much data each computer has downloaded. I guess what that would need is for all computers to go through a proxy and it would record that. But i havnt been able to find any tools after googleing and have a bit of a poke around.
So anybody got any ideas? would something like IPtables do this?
I would need more information before making recommendations.
First, it your SOHO network using wireless? It sounds like it because of your MAC reference.
The first course of action I would take would be to review the wireless config settings and tighten them up first. Also, if your router is capable, turn on logging and let it email the traffic results to you. This will provide IP addresses that you can compare to your internal machines and will show what sites were accessed from your network. Moreover, the first course of action should probably be to change the admin router password and access passphrase.
Second, I have spoofed my own router mac on occasion via my laptop and then ran iftop, iptraf or etherape to monitor the traffic live. Any of these apps can be run on the Linux boxes individually as well.