Hello
I have an SME server with 7.2 installed and all of the updates installed.
I have also installed the contrib SME7ADMIN the monitor the server
I was looking at the graphs the other day and I saw a very large amount of
data being transferred from a system on the LAN to the server and then to
an external system which lasted for the majority of a 18 hour period.
This is odd for a few big reasons
1) We have never had a data transfers of this type in this direction
(the closest was when I downloaded ANSYS 11 but that was from the
net to my system not a local system to the net)
2) It was started about noon on Sunday when there is nobody on the LAN
(or at least supposed to be) to perform such operations.
3) It stopped about 8 in the morning or just before work hours.
I really want to track down the culprit but I am not sure how
What log, log file, contrib, and tool would be most useful in solving this problem
I have been looking at ntop, ipp2p, and DansGuardian as options
(I also have someone i believe using eMule and cousing problems with the DHCP server doe to it)
I tried to follow the instructions on "
http://forums.contribs.org/index.php?topic=33302.0"
but had a dependency issue on libart_lgpl for the rrdtool
I would like to stop this kind of activity and when it does happen
identify the culprits
ps. I have some saved PNG graphics on the sme7admin graphs to show what I am
talking about.
http://forums.contribs.org/index.php?topic=37747.0
3 Replies
995 Views