
So I was just made network admin of 50+ people...

Hey everyone. So I was just made the network admin in my fraternity of over 50 people. I should start off by saying that I know very little about networking. I am hoping I can read some tutorials or any webpages that will help with basic networking of this size. My house has a pair of 25 port switches and a router/modem that is converting DSL for our internet.

We are having a really big problem with people abusing their network privileges. The past network admins were great at what they did and would block ports of people who were downloading excessively. I am not that good, and although I can monitor whose ports on the switches are the most active, that doesn't give me a good idea of who's actually downloading (unfortunately the switch's software is much more efficient than the router; the switches actually show how much upload/download activity is occurring on each port). Unfortunately I can't use this information alone, because if somebody is streaming a movie from our movie server their port will show immense port activity but they are not actually abusing the internet.

I'm hoping that there will be a 3rd party application that I can use to show me whose IP is doing what. I am also looking for a program that will tell me what applications are connecting to the internet from an individual IP (so I can see if Kazaa or the like is being used). I can give the names/model# of the router/switches if that would help. As of right now I have to sift through a router log and match up IPs with people and then try to see what they are doing based on where they are connecting. I am really, really bad at doing this effectively. Any help would be great for a beginner like me. Thanks a lot.
 
The switches are a pair of Netgear FSM726 Managed Switches, the router is a 10/100 4-port VPN Router (RV042).

If you need the modem I'll have to go look that up. I believe the switches are daisy chained together.

 
I think a Packetshaper would be right up your alley. With 50 nodes in a frat I can imagine that it will be pretty hard to pin-point ports. Especially with so much popular software using dynamic ports.

What kind of budget does a dorm with 50 people give you? 🙂
 
Well, my frat received all of its network gear through a grant so there is essentially $0 budget for upgrades (short of what people donate to add capacity to our servers). Looks like Packetshaper is costly and I'm looking more for programs (if it's even possible to do this) that would help me monitor the network.
 
Originally posted by: delussional77
Well, my frat received all of its network gear through a grant so there is essentially $0 budget for upgrades (short of what people donate to add capacity to our servers). Looks like Packetshaper is costly and I'm looking more for programs (if it's even possible to do this) that would help me monitor the network.

You can use Astaro for free.

astaro.com
 
I would get an old school hub and bust out some open source goodness. ntop is a good (hard to configure at times, huge memory hog) monitoring tool for realtime. I would also get MRTG so you can get a historical perspective of port usage. Perhaps nessus to scan for open ports on their machines (p2p ports).
 
Originally posted by: nweaver
I would get an old school hub and bust out some open source goodness. ntop is a good (hard to configure at times, huge memory hog) monitoring tool for realtime. I would also get MRTG so you can get a historical perspective of port usage. Perhaps nessus to scan for open ports on their machines (p2p ports).

The problem I see is that BitTorrent and a lot of P2P programs will cycle ports randomly (frequently using 80) for file sharing. There is no easy way to restrict these programs. That's why I suggested a Packetshaper or good Linux QoS utility.

Originally posted by: delussional77
Well, my frat received all of its network gear through a grant so there is essentially $0 budget for upgrades (short of what people donate to add capacity to our servers). Looks like Packetshaper is costly and I'm looking more for programs (if it's even possible to do this) that would help me monitor the network.

You could charge everyone $10-15 a month for IT fees. That way you can buy a large pipe (or two) for the frat and still have a bit left over for network services and upgrades.

And it would still be way cheaper than paying for an individual internet connection.
 
Originally posted by: PorBleemo
Originally posted by: nweaver
I would get an old school hub and bust out some open source goodness. ntop is a good (hard to configure at times, huge memory hog) monitoring tool for realtime. I would also get MRTG so you can get a historical perspective of port usage. Perhaps nessus to scan for open ports on their machines (p2p ports).

The problem I see is that BitTorrent and a lot of P2P programs will cycle ports randomly (frequently using 80) for file sharing. There is no easy way to restrict these programs. That's why I suggested a Packetshaper or good Linux QoS utility.

Ntop will show realtime statistics of usage. If you put Router -> Hub with ntop sniffing -> modem you get no speed problems, and sniff all INTERNET traffic. It will tell you port stats, b/w usage, pretty much everything. And doesn't BT require port forwarding to work? Then he would know who is using BT if it requires port forwarding. Plus you can post a flier asking random_freshman_00 why he was on buttpirates.com (and have proof)!
 
I use MRTG in a corporate environment. Works great, fairly easy to set up (although a bit tedious at first).
 
When your members use the network, were they ever given a written user agreement or TOS?
This would outline what is acceptable and what is not and a course of punishment up to revoking their network privileges and/or fining said abuser.

I know from personal experience with my fraternity, since we are off campus, that the house network is heavily utilized and that our router might not be up to the task when it comes to QoS. Talk to the people in the house about what is acceptable and what is not, talk to your executive board or President about policies concerning the use of the network, and if you need money for additional equipment, I'm sure you can find some from the budget, and if you can't then people shouldn't b!tch because they aren't willing to sink the money into getting the right equipment to get the job done.

 
delussional77, set up MRTG against your managed switches. Also get one of the scripts floating around the 'net to generate a 95th percentile. I would personally suggest that you post the graphs and 95th percentile numbers somewhere publicly (sort the 95th percentile users list, biggest users up top).

The idea here is that the biggest users are the biggest problem and everyone knows it. Either people will keep things under control knowing they'll have to answer to everyone else, or they'll be brazen and keep on sucking down the bandwidth. In the former case the problem solves itself, and in the latter, everyone in the group knows exactly why someone's network access got cut off, and will be more inclined to see your side of the story.
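
The 95th-percentile ranking suggested in the post above, as an added example that is not part of the original thread or any MRTG script: it turns per-port SNMP octet counter readings into bit rates, handles 32-bit counter wrap, and sorts the ports biggest-first. The port names and counter values are constructed, and the 5-minute poll interval is an assumption.

```python
import math

INTERVAL_S = 300        # assumed poll interval: 5 minutes, MRTG's default
COUNTER_MAX = 2 ** 32   # 32-bit SNMP octet counters wrap at this value

def counters_from_deltas(start, deltas):
    """Build constructed cumulative counter readings from per-interval byte counts."""
    readings = [start]
    for d in deltas:
        readings.append((readings[-1] + d) % COUNTER_MAX)
    return readings

def rates_bps(readings, interval_s=INTERVAL_S):
    """Convert successive counter readings to bits-per-second samples."""
    rates = []
    for prev, cur in zip(readings, readings[1:]):
        delta = cur - prev
        if delta < 0:               # counter wrapped between two polls
            delta += COUNTER_MAX
        rates.append(delta * 8 / interval_s)
    return rates

def percentile_95(samples):
    """Sort the samples, discard the top 5%, return the highest one left."""
    if not samples:
        return 0.0
    ordered = sorted(samples)
    return ordered[max(math.ceil(0.95 * len(ordered)) - 1, 0)]

def rank_ports(port_readings):
    """Return (port, 95th-percentile bps) pairs, biggest users first."""
    ranked = [(p, percentile_95(rates_bps(r))) for p, r in port_readings.items()]
    return sorted(ranked, key=lambda item: item[1], reverse=True)

# Constructed sample data; port names are hypothetical.
SAMPLE = {
    "port-07": counters_from_deltas(0, [1_500_000] * 19 + [150_000_000]),  # one burst
    "port-03": counters_from_deltas(0, [30_000_000] * 20),                 # sustained
    "port-12": counters_from_deltas(4_294_000_000, [7_500_000] * 20),      # wraps
}

if __name__ == "__main__":
    for port, bps in rank_ports(SAMPLE):
        print(f"{port}  {bps / 1000:8.1f} kbit/s")
```

The single burst on port-07 falls in the discarded top 5%, so the sustained user on port-03 ranks first. Switch-port counters also include local traffic such as the movie server mentioned in the first post, so a high rank is where to start looking rather than proof of Internet use.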
 