Saturday, November 05, 2005

Freeware Review 3: WhatisTransferring

Past few days, i was answering to calls from internet cafe regarding slow internet access. Tried to check our monitoring and it shows most of them consumes 100% of their bandwidth. After checking our modems and connection, it turn out that some of their PC were infected with spyware. Well, they can just clean up their PC and the problem is gone. However, with more than 30 PC with users online, it would be a bad timing for the owners, since it would mean loss of income at that moment. Well, ISP cannot do nothing more, since the problem is within the Local Area Network. Then I thought of using a packet sniffer which must be lighter than Ethereal so that it can be easily downloaded and the same basic features to capture packet. With primary objective of knowing the source IP which is broadcasting too much UDP/TCP packets and what ports it is using, i came to use the freeware WhatisTransferring. Using the freeware, you just observed the Source IP which broadcast too many UDP or TCP packets, then take note of it. Then you can start disconnecting it from the LAN and clean it up first. In this way, you dont need to shut down the whole network and you can isolate the cause of the problem much faster. Well, there are many freeware you can use there, but i think this one is good.

No comments: