suggestion of network monitoring tools for whole LAN
Hi, I am looking for a network monitoring tool for both my Asterisk server and my other LAN PC. What I want is to install it on one of my LAN PCs and then monitor through the router, basically all the packets (IP address, ports, etc.) going through the router, and better if it has the bandwidth usage of each device within the LAN.
Any suggestions?
johnny
To find out what's running and get notified when services / hosts / servers die you need Nagios (http://www.nagios.org/about/), an Open Source host, service and network monitoring program.
If you want to examine traffic on your network you need Wireshark http://www.wireshark.org/faq.html#q1.1 described as the world's most popular network protocol analyzer. It has a rich and powerful feature set and runs on most computing platforms including Windows, OS X, and Linux. Wireshark used to be known as Ethereal.
You can get lots of add-ins / graphing tools etc. for Nagios, and probably can for Wireshark; a keyword search on this site will show you who else has commented on them. Both programs go back a long way and are actively developed.
John
I agree with the first two that John offered and I will add two more. IPAudit is a good tool to monitor bandwidth usage, conversations and ports used and also is free. Now for relatively low cost commercial I would suggest Ipswitch's What's Up Professional. It is not an HP Open View, but has strong capabilities and programmability for both network devices (routers, switches) and servers/services.
You might also look at ntop http://www.ntop.org/overview.html I find it very helpful in seeing what is going on on the network.
Having used nagios, cacti, and a few other open source monitoring systems, my favorite (and what I use in my production environment) is Zenoss Core (http://www.zenoss.com/).
It is very user friendly, and very feature-rich.
This thread reminded me that I need to post a thread asking why Trixbox does not include snmp support in asterisk.
Check it out, I think you'll love it.
.:diatonic:.
Hi guys, thanks for all of your suggestions.
I have tried Wireshark due to its popular feedback, but I could only capture the interface of my own PC. If someone can tell me how I can install it on one of the PCs and still capture all the interfaces connected to my Linksys routers (with both original and DD-WRT firmware), I will be more than happy to try again.
As for the bandwidth analyzer, what I am trying is the PRTG trial version. It's not bad and has many features, although it's a bit complicated and not free. But I will study and try the others suggested as well.
thanks again.
I really like ntop and it sounds like what you are looking for. What you need to do to get ntop or wireshark or any promiscuous mode network monitors working is a cheap hub (not a switch) or a switch with port mirroring ability. Here is my setup Border Gateway:
Firewall/Router -- Hub -- LAN
                    |
                   ntop
Ntop has 3 basic modes of operation.
1. Simple Host
This is probably the most common scenario: you install ntop on your PC that's part of a LAN you use for your daily tasks. In this case you will probably see only a portion of the traffic, so don't complain if ntop can't tell you all about your network.
2. Border Gateway
In this case you'll see only the traffic from/to your LAN. As your ntop will probably need to analyze several packets, you should consider options such as -b, -n, -z in order to reduce the amount of work needed to analyze all the traffic.
3. Mirror Line
In this case you will see packets that were not supposed to be received by the PC where ntop runs. Due to this, ntop (usually) cannot trust MAC addresses but just IPs. Hence do not forget to use -o, otherwise you'll see some strange traffic figures.
Just realized that your DD-WRT router should support ntop flow type setup. See if this type of setup would work for you.
http://camelot.tc3net.com/files/HOWTO-Ntop-DD_WRT22.pdf
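As an added illustration (not part of the thread, and not ntop's own code), this sketch shows per-device byte accounting on frames seen at a hub or mirror port, keyed by IP address rather than MAC as the Mirror Line note above recommends. The subnet, addresses, MACs and function names are constructed for the example, and bytes are counted from the IPv4 total-length field.

```python
import struct
from collections import defaultdict
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.1.0/24")  # assumed LAN subnet (constructed)

def make_frame(src_mac, dst_mac, src_ip, dst_ip, payload_len, ethertype=0x0800):
    """Build a constructed Ethernet II + IPv4 frame for the demo."""
    eth = bytes.fromhex(dst_mac) + bytes.fromhex(src_mac) + struct.pack("!H", ethertype)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, 6, 0,
                     ip_address(src_ip).packed, ip_address(dst_ip).packed)
    return eth + ip + bytes(payload_len)

def account(frames, lan=LAN):
    """Return {lan_ip: [bytes_sent, bytes_received]} using IP addresses only."""
    usage = defaultdict(lambda: [0, 0])
    for f in frames:
        # Skip anything that is not a complete IPv4-over-Ethernet header.
        if len(f) < 34 or f[12:14] != b"\x08\x00":
            continue
        if f[14] >> 4 != 4 or (f[14] & 0x0F) * 4 < 20:
            continue
        total = struct.unpack("!H", f[16:18])[0]   # IPv4 total length
        src, dst = ip_address(f[26:30]), ip_address(f[30:34])
        if src in lan:
            usage[str(src)][0] += total
        if dst in lan:
            usage[str(dst)][1] += total
    return dict(usage)

ROUTER, PC1, PC2 = "aa00000000fe", "aa0000000010", "aa0000000020"
# Constructed sample: all Internet traffic carries the router's MAC, so a
# per-MAC tally would blame the router; the per-IP tally separates the PCs.
FRAMES = [
    make_frame(PC1, ROUTER, "192.168.1.10", "203.0.113.5", 100),
    make_frame(ROUTER, PC1, "203.0.113.5", "192.168.1.10", 1400),
    make_frame(PC2, PC1, "192.168.1.20", "192.168.1.10", 60),
    make_frame(PC2, "ffffffffffff", "0.0.0.0", "0.0.0.0", 8, ethertype=0x0806),
]

if __name__ == "__main__":
    for host, (sent, received) in sorted(account(FRAMES).items()):
        print(f"{host}: sent={sent} received={received}")
```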
I know of "Ethereal" as another free alternative to capture traffic. Two other tools I can speak of at a relative cost are "Statseeker", which monitors ports in real-time (http://www.triplecomm.co.uk), and "Estate Guardian", which is a systems management tool that we use that can monitor "all" of your Windows PC functions in real-time (http://www.guardtower-solutions2.com/usa/home.asp). There's a free version of Estate Guardian (Estate Guardian 10) you can download and try :)
Jay
I've been window shopping these lately. A few others in addition to the ones above:
OpenNMS:
"OpenNMS is the world's first enterprise grade network management platform developed under the open source model. It consists of a community supported open-source project as well as a commercial services, training and support organization."
Zabbix:
"ZABBIX is an enterprise-class open source distributed monitoring solution.
New in ZABBIX 1.4
* Flexible auto discovery
* Centralized distributed monitoring
* Advanced WEB monitoring
* Better templates
* XML data import/export
* More scalable user permissions
* and more..."
Cricket
"About Cricket
Cricket is a high performance, extremely flexible system for monitoring trends in time-series data. Cricket was expressly developed to help network managers visualize and understand the traffic on their networks, but it can be used all kinds of other jobs, as well.
Cricket has two components, a collector and a grapher. The collector runs from cron every 5 minutes (or at a different rate, if you want), and stores data into a datastructure managed by RRD Tool. Later, when you want to check on the data you have collected, you can use a web-based interface to view graphs of the data. "
cricket.sourceforge.net
And, of course, MRTG:
"What it does
You have a router, you want to know what it does all day long? Then MRTG is for you. It will monitor SNMP network devices and draw pretty pictures showing how much traffic has passed through each interface.
Routers are only the beginning. MRTG is being used to graph all sorts of network devices as well as everything else from weather data to vending machines.
MRTG is written in perl and works on Unix/Linux as well as Windows and even Netware systems. MRTG is free software licensed under the Gnu GPL."
Anyone have comments on any of these?
>if some one can tell me how i can install it
>in one of the PC and yet still can capture all the
>interfaces connected to my Linksys Routers
>(with both original and DD-WRT firmware) I will
>be more than happy to try again.
WallWatcher is a nice little Windows program for watching the connections across the interfaces of your router. It can work through SNMP or by syslog.
Note that I haven't used it for a while, having moved away from Windows generally.
-DF
INNATE TECHNOLOGY
Wow, it's really impressive with both of your explanations here. It seems I have so many things to learn regarding the network part. I am not that sure how to let pfSense work with multiple interfaces with QoS, VLAN, wireless as well as failover etc. I will start to play with it and draw out a few diagrams about the network part for small to medium companies.
What I have played with is really simple: an ADSL modem connected to a Linksys or D-Link router, followed by a normal or PoE switch, standard for small firms or testing purposes. Yes, I know I do need a firewall in between, and I am not touching VLAN (or even sure what it is) and other network things. Initially I just planned to buy a good Cisco router and switch and integrate them with a firewall for our server side; now I may play with pfSense first.
Thanks again to all. For sure I will report back what I have gained from here.

