[kwlug-disc] Monitoring network spikes (redux?)
unsolicited
unsolicited at swiz.ca
Sat Sep 22 00:51:47 EDT 2012
I guess I am also assuming you are taking advantage of the bluetack
lists (2) and an ipblock/iplist (1) mechanism suitable to your
environment. i.e. ipblock is suitable for a distro install, but likely
pfsense / ipcop / whatever have their own modules / addins / list
mechanisms.
(1) http://iplist.sourceforge.net/faq.html
(2)
http://blocklistpro.com/guides/biss-ip-blocklists-faq/recommended-lists.html
Won't help you figure out the nature of the craziness, but may help
knock down the amount some. (Smaller haystack?)
On 12-09-21 11:37 PM, unsolicited wrote:
> On 12-09-21 01:51 PM, Paul Nijjar wrote:
>> So our network is going crazy with traffic and I don't know why.
>
> This all sounds like mrtg / rrdtool / snort, but I thought you knew /
> implemented these long ago. Have whatever be putting out snmp data to an
> mrtg box and letting it do its thing, analysis wise.
>
> snort in the sense of getting you data, not so much actually sticking
> its fingers in the works, merely monitoring.
>
> No?
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
More information about the kwlug-disc
mailing list