Is MRTG good for showing NETWORK/Bandwidth Abuse?

Is MRTG good for showing NETWORK/Bandwidth Abuse?

Post by Ange » Tue, 08 Oct 2002 10:57:05



I had / have a colo that is/was collecting dust and it was/is a RedHat
7.1 due to the fact that works well with Plesk.

Once connected to RedHat Networks, and did a update to see what I need
I was surprised how much *I needed to update and patch, many bugs
such as the SSL on they had.

My Colo center said that it was my server that would cause problems
and I thought they might be wrong, because they took it offline for 2-3
days and 2nd day they still had problems.

I HAVE NO CLIENTS on it, just few domains of my own sites, and friends.

I had MRTG pre-installed but not used, right now I have to go there and
reload RH 7.2 maybe this time and try to install a very very bare system
with minimal software to take care down the road which I tried.

WITH MRTG in PLACE would I be able to see if anyone used the server
for dump site, place, or do some DoS of any kind? I figured they would
cause traffic and that would be recorded.

I had a DNS on it, I had Apache running and no telnet, just ssh and
pop3.  

 
 
 

Is MRTG good for showing NETWORK/Bandwidth Abuse?

Post by Raqueeb Hass » Tue, 08 Oct 2002 15:37:33


well, you can figure out the traffic usages ... but about the network
abuse, i'm afraid you have to rely on your syslog files.

raqueeb hassan
bangladesh

 
 
 

Is MRTG good for showing NETWORK/Bandwidth Abuse?

Post by codfathe » Tue, 08 Oct 2002 15:47:13


[snip]

Quote:> WITH MRTG in PLACE would I be able to see if anyone used the server
> for dump site, place, or do some DoS of any kind? I figured they would
> cause traffic and that would be recorded.

> I had a DNS on it, I had Apache running and no telnet, just ssh and
> pop3.

You need to use an IDS system like snort or tripwire.

codfather

 
 
 

Is MRTG good for showing NETWORK/Bandwidth Abuse?

Post by peter pils » Tue, 08 Oct 2002 17:11:15



> WITH MRTG in PLACE would I be able to see if anyone used the server
> for dump site, place, or do some DoS of any kind? I figured they would
> cause traffic and that would be recorded.

if your problem is serious bandwidth-abuse, then mrtg can help you. It can
record the transmitted data via your interface by monitoring the
corresponding values in the /proc - filesystem.

I use mrtg to spy if some of our clients uses morpheus/napster over
"normal" amount ...

peter

--
peter pilsl

http://www.goldfisch.at

 
 
 

1. MRTG to monitor each users bandwidth in a gateway server

I have one linux server "A" and I managed to run the snmp and monitor
the overall bandwidth by using MRTG from another computer.
I hope to monitor the bandwidth of every users in my network by MRTG,
because of the advantage of the non-growing log data and nice graph.
Anybody knows what I should do to capture the data?

Thank you.

2. Problem with WiFi - how should I configure it?

3. mrtg and bandwidth monitoring..

4. Ugrade to Linux-1.2.0

5. Doom + Abuse + Abuse + Chess + EMACS + Netscape = no problem!

6. Does anyone know how to compile Netscape7 for RH 8?

7. New!: CreativeLinux.com, Webbie Tookay-Virtual Supermodel, Game Show Network Debuts New Show

8. Syquest Sparq under Linux

9. tc and bandwidth limiting: What am I doing wrong?

10. networked abuse?

11. Abuse- network play?

12. SNMP on 2.2.2-Release for Network Traffic with MRTG.