Michael Gorman wrote: > Snort sounds like it would be your friend in this instance. Snort might take a while in setting up the rules. Here is a quick HOWTO on getting ntop up and running. http://www.howtoforge.com/network_monitoring_with_ntop After you're done, hit http://ServerIP:3000 and you can see a good little read out of the traffic.