D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Monitoring wifi usage.

 

On 1 March 2013 11:01, tom <tompotts@xxxxxxxxxxxxxxxxxxxxxx> wrote:
> I live in a fairly isolated position - only one other property within 1/2
> mile or so. My internet usage has soared of late and I cant work out why.
> My ADSL modem is not capable of logging individual usage so I was wondering
> if there is any package that can sit and just look at wifi- traffic volumes
> so I can pinpoint the problem

IME unusually high traffic comes down to having something running that
you shouldn't, or a piggybacker.  Open SMTP gateway? Someone's
spamming through you. Linux machines - run chkrootkit, rkhunter and
investigate for compromises thoroughly.  Windows machines - same, or
compromised some other way. Bear in mind unusual activity may be
hidden from you. Or a family member has learnt about P2P filesharing
and is happily downloading the world. Or a neighbour is on your wifi
(unlikely given your position).

If your ISP has reasonably accurate and frequent stats, unplug things
one at a time until it drops normal...

Some ideas:

Most waps (including wifi enabled routers) will show what's connected.
If there's any rogues on the system, that should show it. Check
through the day.

I like Drayteks because they show active traffic and source, which
makes locating errant users a doddle.

Some routers have SNMP which /may/ release some stats, but could be
too basic to be useful.

iptraf shows network traffic, but you may need to research promiscuous
mode to get a full picture. It'll certainly give you a glimpse and
worth installing for starters. Wider sniffing with specialist tools
(wireshark rings a bell, but no personal experience) may give packet
analysis so you can find source/target. This is a bit hit and miss in
practice.

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq