Finding the culprit


Hyutarou
21-01-2009, 09:33 AM
I have a Linksys WAG200G that's connected to several PCs. I can admin the modem/router. However someone seems to be doing something funny on the network that he slows the whole network to a crawl. I did a port forward of higher port nos. to my ip, it helps a bit, but at times still slow. Is there any way of monitoring the bandwidth or services used by each IP, so that I can find out who the culprit is?

megaweb
21-01-2009, 10:21 AM
Change your admin login and password.

See your router log, any other PC is connected to your network ?

Hyutarou
21-01-2009, 10:27 AM
> Change your admin login and password.
>
> See your router log, any other PC is connected to your network ?

i admin the router, so nobody knows the password. nothing wrong in the log, i suspect the culprit is within the network n doing P2P. i need to know how to find out who he is so that i can either block him or ask him to stop.

Goooner
21-01-2009, 10:49 AM
is ur network at home or in the office??

Goooner
21-01-2009, 10:55 AM
i oso wanna know... cos last time i did something like tat... hehee

Hyutarou
21-01-2009, 10:59 AM
> is ur network at home or in the office??

office, but the setup like home, no special servers.

Hyutarou
21-01-2009, 11:00 AM
> i oso wanna know... cos last time i did something like tat... hehee

so u're the culprit or the admin?

mike911
21-01-2009, 12:14 PM
there is an old school method requiring a bit of work, which is to plug off the lan cable of each computer in the network. each time plug off 1 computer approx 5 min or so... during each plug out see if the network returns to normal state or not. if you happen to see that 1 pc after plugging out and the network becomes very fast, plug it back again to see if it slows down the network. then you have found your culprit.

however this may not necessarily work, but can give it a try if u wan.

CJL_PCuser
21-01-2009, 01:51 PM
Hi,

Just a suggestion.
Perhaps do a daily check on the modem and router for consistency and analyse the traffic usage. Cause in my perspective ISP are also included as far as network is concerned.

Perhaps you can install a packet tracking, network tracking to capture the network activities on individual computers.
Could be a someone or something.
It will be easier to pinpoint the problem.

Stealth mode is recommended as user will not realise it and take precaution to avoid reviewing their true intentions.

Just my 2 cents worth.

Regards,
Rex

chunlianghere
21-01-2009, 02:31 PM
beware of this process call "csrss.exe" which hav more than 1 under task manager, processes. normally it shld run only 1 process(which is normal). i donno it wil choke the whole network or not. which mean even u didnt connect to internet, the lan light constantly blinking. it will happy happily choke n sometime don hav.

Security Task Manager can check is it a virus or not.

liangtam
21-01-2009, 02:55 PM
Gotch active session not?

marixspl
21-01-2009, 05:46 PM
Pay professionals to do the job lah... Otherwise, economic standstill for IT...

Pokémon
21-01-2009, 06:06 PM
I remember Linksys WRT54G router would have some logs for you to monitor the incoming/outgoing traffic, and IP address is shown.

Not too sure if it's available for your WAG200G, so you might want to check out the manual first. This kind of stuff, no need for professionals...

weibchen
21-01-2009, 07:52 PM
is someone torrenting?
cause this router/modem suck at it.

Hyutarou
30-01-2009, 11:50 AM
ok, now i'm suspecting it might be a virus, on whose system is still a question. because it fluctuates. i gave mike911's method a try, but since it fluctuates, it's hard to determine who the culprit is. any specific software CJL_PCuser mentioned? i've tried a few but most dont really work, it requires a switch or server of some sort, but I'm not using any specific hardware.

largeresource
30-01-2009, 02:39 PM
no cisco router like the 877
very hard to control

with cisco you can really control the bandwidth and the access

MadKnight
30-01-2009, 05:07 PM
One of the ways you could try out: some of the routers themselves have those firewall logs. if the pc is having a lot of data transfer, the firewall log will record it as either being transferred or being dropped to that pc ip address. it is the same if you are running a p2p connection, it will reflect in the firewall log which packets have been accepted or rejected. you could try this way out.

i think linksys router should have..

revogsx
30-01-2009, 08:57 PM
the TOMATO firmware i'm using on my wrt54GL will show the number of connection per pc
but i think the default linksys firmware will not let you see it..

try enable QOS and put torrent, ftp, p2p to the lowest setting

Hyutarou
09-02-2009, 11:15 AM
according to the log, i found someone using port 15000 which belongs to xun lei, no wonder the net is so lag whenever he's using that.

now i've decided to lock down all the ports except the essential ones. anybody knows what ports that should be left open?
1-2000 various services
5100 yahoo msn?
8000-8080 http?
9100 printer
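
An added example, not part of any post in this thread: one way to turn the router's outgoing log (the approach suggested earlier and used in the post above) into a per-PC summary, flagging entries on ports outside the list proposed above. The three-column log layout, the sample lines and all function names are assumptions; adjust `LINE_RE` to what your router actually prints.

```python
import re
from collections import defaultdict

# Constructed sample in an assumed "LAN IP / destination / port" layout.
SAMPLE_LOG = """\
LAN IP          Destination      Port
192.168.1.101   203.0.113.10     80
192.168.1.101   203.0.113.10     443
192.168.1.103   192.168.1.50     9100
192.168.1.102   198.51.100.7     15000
192.168.1.102   198.51.100.23    15000
192.168.1.102   198.51.100.41    15000
192.168.1.102   203.0.113.88     6881
192.168.1.101   203.0.113.25     8080
"""

# Port ranges the post above proposes to leave open.
ALLOWED = [(1, 2000), (5100, 5100), (8000, 8080), (9100, 9100)]
LINE_RE = re.compile(r"^\s*(\d+\.\d+\.\d+\.\d+)\s+(\S+)\s+(\d+)\s*$")

def port_allowed(port, allowed=ALLOWED):
    return any(lo <= port <= hi for lo, hi in allowed)

def summarize(log_text):
    """Per LAN host: entry count, distinct destinations, off-list port counts."""
    new = lambda: {"entries": 0, "dests": set(), "off_list": defaultdict(int)}
    hosts = defaultdict(new)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # header or malformed line
        src, dst, port = m.group(1), m.group(2), int(m.group(3))
        h = hosts[src]
        h["entries"] += 1
        h["dests"].add(dst)
        if not port_allowed(port):
            h["off_list"][port] += 1
    return hosts

def rank(hosts):
    """Order hosts by off-list entries, then by number of distinct destinations."""
    key = lambda ip: (sum(hosts[ip]["off_list"].values()), len(hosts[ip]["dests"]))
    return sorted(hosts, key=key, reverse=True)

if __name__ == "__main__":
    hosts = summarize(SAMPLE_LOG)
    for ip in rank(hosts):
        h = hosts[ip]
        print(ip, h["entries"], len(h["dests"]), dict(h["off_list"]))
```

A host that tops the ranking with many distinct destinations on off-list ports is the one to look at first; the same summary shows which allowed ports are actually in use before you block the rest.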

PsyNidE
09-02-2009, 11:28 AM
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

http://www.comptechdoc.org/independent/networking/guide/netports.html

http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/cnet/cnfc_por_simw.mspx?mfr=true

However, disable port 137-138 if you don't need them since these 2 ports are normally subjected to attacks by exploits, trojans, etc etc

Hyutarou
09-02-2009, 03:31 PM
anybody can help with a free smtp that dont need authentication for sending mails back to me?

JPadPro
09-02-2009, 05:50 PM
> anybody can help with a free smtp that dont need authentication for sending mails back to me?

Dun understand your question.
For sending emails out, use ur ISP SMTP Server?

liangtam
09-02-2009, 10:22 PM
Are you sure the router can handle outgoing port block?