Wireshark FTW! One way is to run Snort on the server and use WS to analyse the output. mike http://mikelindner.wordpress.com On 19/11/12 15:36, DanyJ wrote:
Hello LUVers
I have been experiencing an increase of about 5x factor in my outgoing network traffic for a while -at least last week - I cannot explain that change in activity,configuration etc... (It does peak to much higher level at a specific time, but I have worked out why that was so.. a overgrown backup file that was being transfered daily)
So I need to find out what that traffic is.
What is a recommended log analysers to help me quickly here? Want it to tell me how much data is being transfered by which protocol
Or any recommended procedure to identify that traffic?
Any ideas please?
Its a Ubuntu 10.04 server, running Apache, Postfix and related stuff (Spamassassin, Amavisd etc) (I had varnish on it, but I turned it off)
Cheers Daniel. _______________________________________________ luv-main mailing list luv-main@luv.asn.au http://lists.luv.asn.au/listinfo/luv-main