Who's using our bandwidth?

networking wifi bandwidth

I can see from our ISP stats that a large amount of bandwidth is being used throughout the day, I suspect it's someone using our wireless router although I'm not definite. Our PC's all run various types of windows, are there utilities/sniffers that I can use to detect where the bandwidth is going?


You can install a PC on a hub (or managed switch emulating a hub) with the router, and use Wireshark to capture all the traffic. From here you can get some useful metrics to point you to your bandwidth hogs.


Adding to Jon B's answer, I have also used ntop to get a good idea of where traffic is going. I downloaded a Virtual Appliance to make it easier to set up.


Wireshark (used to be called Ethereal) will tell you everything you want to know.

  • http://www.wireshark.org/

  • A useful guide I found on the internets :)


Can you give us more details about your network setup? I can propose two different approaches:

  1. Depending on the type of wireless device you have, you may be able to use a network management application that uses SNMP to pull down stats from the AP. Most enterprise APs will have a MIB table that tracks the list of associated client, their signal quality, and the number of bytes used. Similarly, your router may have a MIB that tracks traffic by IP address.

  2. You can use a wired traffic sniffer (wireshark, etherpeek) to watch the traffic. Those tools can usually give you a breakdown of traffic by user. You'd have to sniff the traffic before it hits your router (if your router does NAT). You can use a hub (though those are really hard to find these days) or turn on port mirroring on a managed switch. You can also use a wireless sniffer, but if the network is encrypted, you'll just get an idea of the volume of traffic from each user, not where the traffic is destined.


Depending on the make and model of the wireless access point/switch you are using, Tomato might be just what you are after. It provides a nice bandwidth monitor, among other things.

Also, a bit costly, but it seems it would do what you want as well.

Related

How to run a PowerShell script from Cygwin SSH session?
Should I worry about mysql sleep status process in processlist
Alternatives to RSA SecurID? [closed]
To yum update? Or not?
How can I disable the Screen Saver on the login window?
What is the cheapest way to get windows running on a Mac
Recommended fixed width font for shell prompts and Eclipse
Can I change the default music player app on my iPhone? If so, how?
I want to create a new calendar "on my mac" but the item is missing in calendar.app v. 8
iMovie crashes on startup
Stuck with an old version of MacOS
Is there a way to forward Growl notifications to Notification Centre?