Current time: 11-23-2024, 04:44 AM Hello There, Guest! (LoginRegister)


Post Reply 
Traiffic Monitoring
Author Message
jdcooke Offline
Junior Member
*

Posts: 17
Joined: Sep 2007
Reputation: 0
Post: #1
Traiffic Monitoring
I recently had a customer who failing to keep his e107 site upto date got hacked.

There was a script which on demand used fopen to send lots of traffic to remote servers.

It took me a long time to track this down as the traffic was not recorded against the specific user despite the fact that it originated from their web page. It was sent out from port 80 as UDP packets to the remote server.

Is there any way for monitoring this outbound traffic as it got recorded as other out but as the server ip rather than as a particular user?
06-21-2010 08:04 PM
Visit this user's website Find all posts by this user Quote this message in a reply
patrick.geschke Offline
Junior Member
*

Posts: 13
Joined: Nov 2009
Reputation: 0
Post: #2
RE: Traiffic Monitoring
Maybe ntop is what you should look at.
05-14-2011 07:24 PM
Find all posts by this user Quote this message in a reply
kilburn Offline
Development Team
*****
Dev Team

Posts: 2,182
Joined: Feb 2007
Reputation: 34
Post: #3
RE: Traiffic Monitoring
The http traffic counting is based on the webserver's logs, not on any network-monitoring thing. As a consequence, all the traffic that is generated by dynamic websites using sockets will *not* be accounted to the user, ever.
05-14-2011 10:27 PM
Visit this user's website Find all posts by this user Quote this message in a reply
diamondzul Offline
Banned

Posts: 2
Joined: May 2011
Post: #4
RE: Traiffic Monitoring
Network Traffic Monitor is a network analytic tool that examines local area network usage and provides a display of upload and download statistics.
05-19-2011 08:51 PM
Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)