Does anyone know about a software that can help me monitor the activity of computers connected to my network? Like the bandwidth each computer uses and the length of time of connections?

I would like an easy to use and configure software, cheap or at best with a freeware licence.

Yep. A video camera. You just point it at the screen and it will monitor what you're doing and for how long. It's fairly cheap, very easy to use, and requires no license to operate.

When you're ready to disclose what hardware, operating system, and wireless devices you have to work with, we can possibly offer some useful suggestions. For example, SNMP or sniffing can be used for monitoring. However, we need to know *WHAT* you are monitoring.

It would be nice to know what you mean by "length of connection" as broadband is normally not a connect/disconnect type of service.

What type of reports would you like to see? Raw data? Tables? Graphs? Web pages?

For just bandwidth monitoring, I use SNMP and MRTG for graphs. However, your unspecified network devices might not have SNMP. I also use:

Linksys BEFW11 and such monitoring. For WRT54G with DD-WRT firmware, I've been tinkering with:
ISP service, I use RRDTool and Nagios. For Cisco routers, I use various Netflow utilities.
Jeff Liebermann


Thanks for answering, I'm gonna see if your answer works with my (poor) knowledge of computer networks... By the way, "length of connection" means to me info about one shutting down their computer at night or during the day or not.

In fact, I'm looking for info that concerns only the activity of the network and meanwhile I hope this info can lead me to some suggestion like: "is this computer downloading all night or all day long...?" I know for sure without being paranoid my ISP has this info and even further like in some explorer connect only sites that work with asp, java.

What I don't want to know is what sites the computers on my small network are visiting. It's not my job. I just want to warn a user of the network I "manage", who uses too much bandwidth in a "suspect" way, that if he keeps going on, he'll have no more connection.

Thanks again,

Pascal Baro

That's going to be a problem. Deciding whether a user has intentionally disconnected or just driven out of wireless range is difficult. Most routers will retain DHCP leases for many hours after a wireless user has gone away. The ARP cache can be used to determine if a user is still there, but that comes and goes rather quickly. If your wireless network has multiple access points where users can roam between them, the question of where a user is located is added to the muddle. That's what 802.11r (fast roaming) is going to hopefully solve. It is possible to determine if a user is still connected by active means (i.e. ping their IP), but many client side personal firewalls intentionally block ICMP and UDP ping packets. All this causes problems when WISP (wireless ISP) operators want to provide metered billing (by the minute). Some have resorted to proprietary client software (Boingo) to do the job. Others require a VPN connection (T-Mobile) which can be timed. I think you're on the right track by measuring traffic instead of connect time.

If all you want is aggregate (total) traffic, that's easy. Find a router or switch that has SNMP capabilities. You'll pay more but it's worth it. I use MRTG and RRDTool to query the wireless router for total traffic in both directions.

produce nice historical graphs of total traffic. This is most useful for detecting abuse and dealing with traffic failures such as RF interference because they display what is considered normal traffic patterns. User counts can also be excavated via SNMP. Digging deeper, most access point SNMP stacks will give traffic per MAC address, which can be graphed. If it's a router, it will also have the corresponding IP addresses.

You can also get traffic information by sniffing the traffic between the access point and the router. This will also have all the users' MAC addresses. However, there is a gotcha. It will not show wireless to wireless traffic, which does not go through the router section and onward to the internet. If you have "client isolation" enabled in the access points, no problem as there is no client to client traffic. If you do have client to client traffic, sniffing will not work.

Daily traffic quotas? It would be simple enough to use SNMP to accumulate daily traffic statistics from perhaps midnight to midnight. If any such traffic totals exceed an authorized value, then they get an automatic nastygram in the email. Been there, done that, and it doesn't work. The problem is that the alert appears much after the abuse has taken place. Even setting quotas on a per hour basis proved too late. It has to be caught quickly and dealt with immediately as the support phones will start ringing immediately and the NOC will not have a clue who or what is happening.

It's MUCH easier to not play policeman and simply install some form of bandwidth management or QoS that proactively prevents abuse. Time limiting is also possible such as Directway, which starts out fast, but slows down after some level of traffic threshold has passed.

I don't have a specific suggestion that would not involve replacing some of your hardware. I also have little clue as to what you have to work with and how much of it supports SNMP. I suggest you look at the various network monitoring tools available and decide what will work for you.

Also, note that your users will probably need to authenticate with a RADIUS server in order to simply identify which wireless connection belongs to which users. It's very easy to change MAC addresses and fool the NOC. That probably means a dedicated authentication server and SNMP data collector. Whether this is worth the effort for 30 users is rather dubious.

You might find the following interesting.

Jeff Liebermann
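An added example, not part of the original posts: one way to turn polled per-MAC SNMP octet counters into rates and flag sustained heavy use within a few polls, since the post above notes that daily and hourly totals alert too late. The sample counters, MAC addresses, thresholds and function names are constructed for illustration, and 32-bit counters are assumed.

```python
from collections import defaultdict

COUNTER32_MOD = 2 ** 32  # an SNMP Counter32 wraps to 0 after 2^32 - 1


def counter_delta(prev, curr, modulus=COUNTER32_MOD):
    """Octets moved between two polls, allowing for one counter wrap.
    More than one wrap between polls cannot be detected, so poll often."""
    return curr - prev if curr >= prev else curr + modulus - prev


def rates_per_station(samples):
    """samples: (unix_time, mac, octets) tuples -> {mac: [(time, bits_per_sec)]}."""
    last, rates = {}, defaultdict(list)
    for ts, mac, octets in sorted(samples):
        if mac in last:
            prev_ts, prev_octets = last[mac]
            if ts > prev_ts:
                bps = counter_delta(prev_octets, octets) * 8 / (ts - prev_ts)
                rates[mac].append((ts, bps))
        last[mac] = (ts, octets)
    return dict(rates)


def sustained_heavy_users(rates, limit_bps, min_polls):
    """MACs whose rate exceeded limit_bps for min_polls consecutive polls."""
    flagged = []
    for mac, series in rates.items():
        run = 0
        for _, bps in series:
            run = run + 1 if bps > limit_bps else 0
            if run >= min_polls:
                flagged.append(mac)
                break
    return sorted(flagged)


# Constructed samples: 60-second polls of a per-MAC octet counter.
SAMPLES = [
    (0, "00:11:22:33:44:01", 4_250_000_000),
    (60, "00:11:22:33:44:01", 4_280_000_000),
    (120, "00:11:22:33:44:01", 15_032_704),   # counter wrapped past 2^32
    (180, "00:11:22:33:44:01", 45_032_704),
    (0, "00:11:22:33:44:02", 1_000_000),
    (60, "00:11:22:33:44:02", 1_150_000),
    (120, "00:11:22:33:44:02", 1_300_000),
    (180, "00:11:22:33:44:02", 9_000_000),    # one short burst only
]

if __name__ == "__main__":
    print(sustained_heavy_users(rates_per_station(SAMPLES), 2_000_000, 3))
```

Because the key is a MAC address, the result is only as trustworthy as the MAC, which is the reason the post goes on to recommend RADIUS authentication.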

Thx for such an amount of info.

Well, I study finance and accounting and computers and what's left goes to computers...

Anyway, I'm not too literate with wifi terms, network and stuff, so it should take a while until I get to understand most elements of your answer.

What I'm trying to solve with my questions in this forum is all about a small wifi network I'm somehow setting up using very basic tools such as a Belkin modem and USB/PCI Wifi keys. For now, there are 4 users connected on the network.

One of the users, since I had to configure his comp, I "forecast" he might do some downloading legally or illegally. The thing is that I don't want the other users and myself to suffer from his use of the bandwidth.

There's also one strange thing that happened not long ago: he bought the same USB Wifi key I'm using (a Belkin 811.g key) and his key kinda turned down the whole network, I couldn't connect to the Internet being 1 meter away from the modem. I figured it out after I used my key on his computer, then he could surf the web and I could surf the web as well with ethernet or my internal 811.b Wifi.

As a consequence, I told him to change his usb key. It was quite strange to have a simple device such as a usb key, maybe in bad condition that could mess up the whole network from his place...when my key (the same) was far from acting like his.

That's it for tonight, I have such an amount of work that I'm kinda crazy to spend time now on a forum.

Hope to hear if you have some more diagnosis, but keep it simple,


nb: I've experienced the DHCP thing, that unless I don't reboot the modem, I see people connected on the network when their comps are in my sight "turned off". I blame it on the cookie!

=> I took a tour on your site and I find it a bit messy but very "consistent" which is essential after all

